Help
FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
tonylin1
Staff
Staff

Created on ‎03-07-2024 10:05 PM

Article Id 302551

Technical Tip: Remote Sync rules will not sync the user that manually import by user

Description

This article describes when a user manually imports the remote user in the LDAP group, it will still exist after that user is removed from AD and Manual Sync on Remote User Synced Rules.
Scope FortiAuthenticator.
Solution
  1. There are two users in the remote LDAP AD server.
  2. Manually add 'twtac2' on GUI under Remote Users -> Import.

 

截圖 2024-03-04 上午10.55.39.png

截圖 2024-03-04 上午10.55.52.png

 

  1. Manually Sync 'twtac1' user from GUI under Remote User Synced Rules:

 

截圖 2024-03-04 上午10.57.41.png

 

  1. There are now, two users in Remote Users:
  • twtac1: Remote User Sync Rules -> Manual Sync.
  • twtac2: Remote Users -> Import.

 

  1. After removing 'twtac2' user from window AD and doing Remote User Sync Rules -> Manual Sync, 'twtac2' still exists on Remote Users:

 

截圖 2024-03-04 上午10.57.41.png

In conclusion, Remote User Sync Rules -> Manual Sync will not sync the user manually imported by Remote Users -> Import .

 

 

 

 

 

104
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.