Skip to main content
Nightwolf_82
Nightwolf_82
New Member
December 5, 2019
Question

SSL VPN with LDAP authentication - Invalid credentials

  • December 5, 2019
  • 1 reply
  • 11919 views

Hi guys.

 

I have FortiGate 60E on which I'm trying to configure SSL VPN with authentication against Active Directory Directory Services.

On the Edit LDAP Server page I can see the Connection status as Successful.

I am also 100% sure that on the Edit User Group the correct security group is selected under Remote Groups section.

However, when I try to use Test User Credentials I get:

Connection status - Successful

User credentials - Invalid credentials

Tried in different formats like username, domain\username, username@domain.local - no difference at all.

Any attempt to establish SSL VPN connection with FortiClient ends up with the error message "Unable to logon to the server. You username or password may not be configured for this connection. (-12)"

 

I can't see anything I configured wrong so got stuck completely and run out of ideas as to what else I should check. 

Whoever has this issue and was able to solve it please advise what else I need to re-check or re-configure.

 

Thanks in advance.

      1 reply

      Nightwolf_82
      Nightwolf_82Author
      New Member
      December 8, 2019

      RESOLVED - I tried a lot of things so can't say what exactly was the solution in my case. 

      lost_webdev
      lost_webdev
      New Member
      March 25, 2021

      I had the exact same issue. 

      After I changed the Common Name Identifier to sAMAccountName the issue was fixed.

       

      User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName

        KiwiTech
        KiwiTech
        Visitor III
        August 18, 2022

        Brilliant - User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName worked for me as well :)

        Terms & ConditionsAccessibility statement