Technical Tip: Username format used to connect to the SSL VPN when two LDAP servers are configured on FortiAuthenticator

When two LDAP servers are configured on the FortiAuthenticator, users from LDAP Group 1 can connect to the SSL VPN using only their username, while users from LDAP Group 2 must use the 'Username format' specified in the RADIUS policy.

Examples:

• LDAP Server 1: Users connecting to LDAP Group 1 via SSL VPN log in using just the username. For example test.

• LDAP Server 2: Users connecting to LDAP Group 2 via SSL VPN must log in using the 'realm\username' format as specified in the RADIUS policy. For example: ldap_2\test2.

LDAP Server 1 and LDAP Server 2 are distinct and separate servers.