Technical Tip: How to enable Email password recovery with Remote User Sync Rule

Description

This article describes how to enable email password recovery for remote users  from remote LDAP user sync rules.

Scope

FortiAuthenticator v6.2.1.

Solution

• In earlier versions it is necessary to manually enable Email password recovery for each user.
• Starting from 6.2.1 version it is possible to enable Email password recovery from LDAP sync rule itself when-in this setting make sure that the option is enabled for both existing and new remote users.
  
  

To enable the option:
Go to Authentication -> User Management -> Remote User Sync Rule, edit Remote LDAP User Synchronization Rule and enable Email password recovery.

When the option is enabled in the sync rule, FortiAuthenticator will:

• Enable the email password recovery setting for new remote LDAP users if they also have a valid email address.
• Enable the email password recovery setting for existing remote LDAP users if they also have a valid email address.
  
  

When the option is disabled in the sync rule, FortiAuthenticator will behave the same as in previous releases:

• Disable the email password recovery setting for new remote LDAP users.
•  Leave the current email password recovery setting unchanged for existing remote LDAP users.