Active Directory Password sync over ZTNA

Forum|Forum|8 months ago
September 18, 2025
1 reply
602 views

All of our Windows Laptops are joined to our Active Directory domain when we send them out to users. With VPN a user could change their AD password and the password would sync to the Laptop over VPN while connected. Now that we are changing over to ZTNA there is no VPN for users to sync their AD passwords. I could setup a proxy (more like 10 proxies) for all the ports needed by AD to allow password syncing but this sounds a bit over kill. There must be a solution that others have come across to do this.

ozkanaltas

Valued Contributor III

Hello @Systemgeek2 ,

If you use FortiGate 7.6.2 and FortiClientEMS 7.4.1, you can configure one destination and more than one port for that destination.

If you don't use these versions on your devices. It seems you should configure every port one by one.

https://community.fortinet.com/t5/Support-Forum/Forticlient-gpupdate-via-ZTNA/m-p/376533/highlight/true#M263777

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded