Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
ManpreetSingh
Staff
Staff

Created on ‎05-04-2025 10:47 PM Edited on ‎05-27-2025 03:57 AM By Community Manager

Article Id 390430

Technical Tip: FSSO DC/TS Agent error 'work queue full, dropping event' observed in FortiAuthenticator

Description

This article explains the reason and resolution for the following warning seen in FortiAuthenticator logs when using FSSO with DC/TS Agents:

 
DC/TS Agent [WARN]: work queue full, dropping event from x.x.x.x:53764

This message indicates that FortiAuthenticator is dropping incoming logon events from a Domain Controller (DC) or Terminal Server (TS) Agent due to the internal work queue being full.
Scope FortiAuthenticator.
Solution If the FortiAuthenticator is integrated with multiple DC/TS Agents using FSSO.

  • In the debug output, the following log is seen:

 

DC/TS Agent [WARN]: work queue full, dropping event from x.x.x.x:53764
 

  • All agent connections show as UP.

  • CPU and memory utilization are normal.

  • No network-level issues (packet loss, latency, or malformed packets) are observed between the FortiAuthenticator and DC/TS sources.

  • The number of logged-in FSSO users is well below the maximum supported capacity.

 

Cause:

This behaviour matches a known issue tracked under Bug ID 1083628, where the internal event processing queue in FortiAuthenticator becomes full under certain workloads. This leads to dropped logon events even if the system is not under resource pressure.

 

Resolution:

This issue is finally resolved in v6.6.3. In case the FortiAuthenticator upgrade to v6.6.3 is not possible immediately, a quick workaround is to set up FortiAuthenticator -> Fortinet SSO -> Settings -> Log Config -> Log level to Error.

 

FSSO_Log_level_error.png

 

Recommendation:
Upgrade the FortiAuthenticator firmware to v6.6.3 or later, where this bug is fixed.

  1. Back up the current configuration.

  2. Download FortiAuthenticator v6.6.3+ from the Fortinet Support Portal

  3. Perform the upgrade via GUI or CLI.

  4. After the upgrade, monitor debug logs to confirm the absence of further warning messages.
310
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.