Just more ramblings of another IT Guy

Guest NTLM access (CLI only)

Guest profile access may be granted to users failing NTLM authentication, such as
visitors who have no user credentials on the network. To allow guest users in NTLM, use
the following CLI command: If there are multiple domains, a trust relation must exist between them. This is automatic if they are in a forest. With the trust relation, only one FSSO DC agent needs to be installed. Without the trust relation, FSSO DC agents must be installed on each domain controller.Authentication in security policies Configuring authenticated accessUser Authentication for FortiOS 4.0 MR3

config firewall policy
edit 8
set action accept
set identity-based enable
set ntlm enable
set ntlm-guest enable

This entry was posted in Fortigate, Tips+Tricks. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *