Fortinet black logo

Administration Guide

Home FortiProxy 7.2.0 Administration Guide
7.2.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

User Groups

User Groups

A user group is a list of user identities. An identity can be one of the following:

  • a local user account (user name and password) stored on the Fortinet unit

  • a local user account with a password stored on a RADIUS, LDAP, or TACACS+ server

  • a RADIUS, LDAP, or TACACS+ server (all identities on the server can authenticate)

  • a user or user group defined on a Directory Service server

There are four types of user groups:

  • Firewall

  • Fortinet Single Sign-On (FSSO)

  • RADIUS Single Sign-On (RSSO)

  • Guest

For each resource that requires authentication, you specify which user groups are permitted access. You need to determine the number and membership of user groups appropriate to your authentication needs.

Users that are associated with multiple groups have access to all services within those user groups. This access is only available in the CLI with the auth-multi-group command, which is enabled by default. This feature checks all groups a user belongs to for firewall authentication.

To configure user groups, go to User & Authentication > User Groups.

Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

The following options are available:

Create New

Create a user group. See Create or edit a user group.

Edit

Edit a user group. See Create or edit a user group.

Clone

Make a copy of a user group.

Delete

Delete a group or groups.

Search

Enter a search term to search the user group list.

Group Name

The name of the user group.

Group Type

The type of group: Firewall, Fortinet Single Sign-On (FSSO), RADIUS Single-Sign-On (RSSO), or Guest.

Members

The names of the members in the group.

Ref.

Displays the number of times the object is referenced to other objects.

To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.
Previous
Next

User Groups

A user group is a list of user identities. An identity can be one of the following:

  • a local user account (user name and password) stored on the Fortinet unit

  • a local user account with a password stored on a RADIUS, LDAP, or TACACS+ server

  • a RADIUS, LDAP, or TACACS+ server (all identities on the server can authenticate)

  • a user or user group defined on a Directory Service server

There are four types of user groups:

  • Firewall

  • Fortinet Single Sign-On (FSSO)

  • RADIUS Single Sign-On (RSSO)

  • Guest

For each resource that requires authentication, you specify which user groups are permitted access. You need to determine the number and membership of user groups appropriate to your authentication needs.

Users that are associated with multiple groups have access to all services within those user groups. This access is only available in the CLI with the auth-multi-group command, which is enabled by default. This feature checks all groups a user belongs to for firewall authentication.

To configure user groups, go to User & Authentication > User Groups.

Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

The following options are available:

Create New

Create a user group. See Create or edit a user group.

Edit

Edit a user group. See Create or edit a user group.

Clone

Make a copy of a user group.

Delete

Delete a group or groups.

Search

Enter a search term to search the user group list.

Group Name

The name of the user group.

Group Type

The type of group: Firewall, Fortinet Single Sign-On (FSSO), RADIUS Single-Sign-On (RSSO), or Guest.

Members

The names of the members in the group.

Ref.

Displays the number of times the object is referenced to other objects.

To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.
Previous
Next