How To Refresh AD Groups With Fortigate’s FSSO Agent

Fortigate uses an application called the FSSO Agent, which is Fortinet’s single sign on application for their Fortigate firewall. The FSSO agent sits on an AD domain controller and is used to synchronise AD groups and user information back to the Fortigate firewall.

I have found that after updating group filters in Fortigate’s FSSO agent, that AD groups aren’t refreshed in the web interface of the Fortigate firewall. To fix this I tried searching for an update or refresh option under User -> User Group on the device, but this didn’t work. After some time, I still couldn’t update my AD group information… Until I found this command:

execute fsso refresh

This can be run in the Fortigate command line / console, which can also be found as a widget on the web interface dashboard (System -> Status). This command immediately refreshed the list of AD groups that I had updated in the Fortigate FSSO Agent.

VN:D [1.9.22_1171]
Rating: 4.7/10 (6 votes cast)
How To Refresh AD Groups With Fortigate's FSSO Agent, 4.7 out of 10 based on 6 ratings

Leave a comment

Your email address will not be published. Required fields are marked *