FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
matanaskovic
Staff
Staff
Article Id 229372
Description

 

This article describes how to permanently remove LDAP users from FortiAuthenticator and from FortiToken Cloud, so it can release the token license.

 

Scope

 

FortiAuthenticator 6.4.6, FortiToken Cloud.

 

Solution

 

If the remote LDAP user is deleted from FortiAuthenticator -> User Management -> Remote Users, it will be not enough to release the FortiToken cloud license. Users will still exist in the cloud.

 

matanaskovic_2-1668009002153.png

 

matanaskovic_3-1668009059287.png

 

On the FortiAuthenticator Dashboard -> License Information -> FortiToken Cloud Status (i), it is possible to access a new window with a list of Out-of-sync users, from where it is possible to remove users that are synchronizing with FortiToken Cloud. 

 

matanaskovic_4-1668009160526.png

 

matanaskovic_0-1668086023891.jpeg

 

After deleting a user from the Out-of-sync users list, it will release the FortiToken Cloud license and it will be removed from the cloud. 

 

Related articles:

https://docs.fortinet.com/document/fortitoken-cloud/latest/admin-guide/523320/introduction

https://docs.fortinet.com/document/fortitoken-cloud/latest/how-to-add-licenses/191652/introduction