Technical Tip: Unable to search subdomains in directory
Description
This article describes how to solve an issue when Subdomains are unable to be searched. LDAP Login user account specified in the LDAP configuration in System -> Settings -> Authentication -> LDAP is a member of the top-level domain.
Example:
LDAP login is a member of the domain Abc.com.
Unable to search for user records or groups under subdomains:
Sub1.abc.com.
Sub2.abc.com.
Scope
FortiNAC.
Solution
Enable Referral Lookup in the directory model.
- Navigate to System -> Settings -> Authentication -> LDAP.
- Select the directory, and then Modify.
- Select Additional Configuration.
- Select Perform Lookup on Referral.
- Select OK to save.
For more details on LDAP configuration see the Directories Configuration in the Administration Guide.