Technical Tip: FSSO agent with external LDAP like Open LDAP

FSSO agent, agent or agentless mode does not support Open LDAP.

Since it is designed to support the event IDs of Windows.

However, it is possible to active AD lookup with any kind of LDAP server.

FSSO Collector Agent with Windows Security Event Log polling mode supports the following Windows Event IDs:

- Windows 2008/2012/2016/2019 Event IDs: 4768, 4769*, 4776, 4624, 4770 **.

- Windows 2003 Event IDs: 672, 673*, 680, 528, 540 **.

Reference: 

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-Windows-event-IDs-used-by-FSSO-in-WinSec-polling/ta-p/189910