Fortinet black logo

User Guide

Home FortiGuest 1.2.0 User Guide
1.2.0
1.2.0
1.1.0
1.0.0

External Authentication Servers

External Authentication Servers

You can authenticate sponsors against the following external authentication servers. The external servers authenticate sponsors using their existing server credentials. It also enables the administrator to quickly roll out user access because there is no need to create and manage additional local sponsor accounts. You can create Group Mappings' rules to map the sponsor to a group based on information returned from the authentication server, see Admin Groups. You can Clone the authentication policy to reuse server configurations.

  1. Navigate to Access Management > Authentication > Authentication Servers and click New.
  2. Enter a Name for the authentication server and select any of the authentication Server Type. Based on the selected authentication server, update the Settings parameters to create an authentication policy.

The following external servers are supported for authentication.

Notes:

  • For authentication with external servers like Active Directory and LDAP, ensure that the remote user is part of at least one group. For RADIUS authentication, the server needs to respond back with a class attribute. If there is no class attribute from a RADIUS server or a group returned from LDAP, the authentication fails.
  • For authentication with external servers, if the group mapping does not match then the sponsor is mapped to the sponsor group that is already defined on portal.
Previous
Next

External Authentication Servers

You can authenticate sponsors against the following external authentication servers. The external servers authenticate sponsors using their existing server credentials. It also enables the administrator to quickly roll out user access because there is no need to create and manage additional local sponsor accounts. You can create Group Mappings' rules to map the sponsor to a group based on information returned from the authentication server, see Admin Groups. You can Clone the authentication policy to reuse server configurations.

  1. Navigate to Access Management > Authentication > Authentication Servers and click New.
  2. Enter a Name for the authentication server and select any of the authentication Server Type. Based on the selected authentication server, update the Settings parameters to create an authentication policy.

The following external servers are supported for authentication.

Notes:

  • For authentication with external servers like Active Directory and LDAP, ensure that the remote user is part of at least one group. For RADIUS authentication, the server needs to respond back with a class attribute. If there is no class attribute from a RADIUS server or a group returned from LDAP, the authentication fails.
  • For authentication with external servers, if the group mapping does not match then the sponsor is mapped to the sponsor group that is already defined on portal.
Previous
Next