Fortigate - block sites with AD connection

Hi Experts,

I have a FORTIGATE 200B firewall cluster from running.
The webfilter is active for all with a policy.
Always when I have a person who needs special access to several sites, which are normally blocked, I have to create a new policy, reserve the IP of the user and blind this to the new policy.

Is it not possible to connect the FORTIGATE to my AD and use the AD user to allow  or block a site ?
Eprs_AdminSystem ArchitectAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Use LDAP or FSAE feature in fortigate to attain the goal
Eprs_AdminSystem ArchitectAuthor Commented:
do you have a manual to set up LDAP ?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Eprs_AdminSystem ArchitectAuthor Commented:
is it possible with this configuration to create a policy, based on a AD usergroup to block facebook and exclude some users from this rule ?
What do I need ? LDAP or FSAE ?

I dont know what to configure in my case ....
Eprs_AdminSystem ArchitectAuthor Commented:
Can you explain how to use LDAP with the FORTIGATE ?
I have read your link and LDAP is configured.
But how to create a policy to block sites and exclude some users from it ?
Eprs_AdminSystem ArchitectAuthor Commented:
what I don´t understand, in my FORTIGATE they speak about FSSO and in the manual about FSAE and LDAP.
Eprs_AdminSystem ArchitectAuthor Commented:
when I activate the Enable Identity Based Policy, then all internet access is gone.
Can you help me out to configure it properly ?
Eprs_AdminSystem ArchitectAuthor Commented:
I need help to set this up in the Fortigate.
What do I need to allow a user a blocked site ?
Eprs_AdminSystem ArchitectAuthor Commented:
ok I got it.
Thanks for your help which was not very satisfied :-(
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.