cancel
Showing results for 
Search instead for 
Did you mean: 

Identifi: What is an easiest way to authenticate users in Active Directory using NAC?

Identifi: What is an easiest way to authenticate users in Active Directory using NAC?

Ilya_Semenov
Contributor
Hello, everybody,

at the moment I have 120 APs and about 12000 users. Employees's SSID has beautiful authorization webform on Fortigate firewall, users use their Active DIrectory credentials and everything works fine, except I can't see AD accounts of wifi users in Netsight. This makes me very sad(

But I have an installation of mighty NAC!

Is there any step-by-step guide how to configure NAC to authorize AD users using a webform?

Could you please share it!

Many thanks in advance,

Ilya
12 REPLIES 12

Diederik_Kuijpe
New Contributor III
Why not use RADIUS auth?

Why's that even a requirement? By utilizing Radius auth you can skip the auth webpage, users simply put in their AD credentials for connecting to the SSID. You then have the users available in Identifi/NetSight and if you enable FSSO polling on the Fortigate you automatically authenticate users for the firewall as well.

I did this to alleviate double sign-ins.

http://cookbook.fortinet.com/fsso-polling-mode/

Hi,
what do you mean?

For sure, I could authorize users over Microsoft NPS. But this is enterprise customers, they need a beautiful web page, not just two input string for login/password.
GTM-P2G8KFN