cybernet2025
Explorer III
October 12, 2022
Question

LDAP authentication issue


Dear all,

I have 2 AD servers, a primary and a secondary LDAP server.

I already set up user authentication in a firewall policy for 4 users (1 policy for 4 users).

Only one user cannot sign in on the captive portal. If I change the LDAP setting to the primary, this user cannot sign in on the captive portal page, but if I change the LDAP setting to the secondary, this user can sign in on the captive portal page.

How can I investigate this issue?


3 replies

ebilcari
Staff
October 12, 2022

Hi,

you can investigate with these debug commands:

Enable debug

   diagnose debug application fnbamd -1

   diagnose debug enable

Disable debug

   diagnose debug application fnbamd 0

   diagnose debug disable

LDAP is explained in detail here:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Fortigate-LDAP/ta-p/196280

Emirjon
Markus_M
Staff & Editor
October 12, 2022

In addition to eb, run the debug for both cases

- connecting to primary LDAP server

- connecting to secondary LDAP server

then you can compare. It does sound like the server response from the secondary is different in some way.

cybernet2025
Explorer III
October 19, 2022

Thanks so much Markus