FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
kwcheng__FTNT
Article Id 391579
Description This article describes the typical circumstances behind the 'LDAP User Sync'.
Scope FortiAuthenticator.
Solution

Event ID 30303 indicates that FortiAuthenticator detected an event related to an LDAP User Sync rule. This event ID only carries information about remote LDAP. SAML and SCIM events are not included under this event ID.

Sample system event messages look like the following:

  1. Performing remote LDAP user sync:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Performing remote LDAP user sync (rule: test) with test.local (1.1.1.1)." user=""

  2. Retrieved users:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Retrieved 100 user(s) from the remote LDAP server "test.local (1.1.1.1)". (sync rule: test)" user=""

  3. No users:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="notice" nas="" action="" status="" msg="No remote users found for sync rule "test" on remote LDAP server test.local (1.1.1.1)." user=""

  4. Unable to import valid token-based authentication:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="notice" nas="" action="" status="" msg="Unable to import valid token-based authentication for remote LDAP user vpnuser (rule: test) @ test.local (1.1.1.1)." user="vpnuser"

  5. Cannot assign a FortiToken:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="notice" nas="" action="" status="" msg="Cannot assign an FTM token to remote LDAP user vpnuser @ test.local (1.1.1.1) without a valid email address." user=""

  6. Failed adding user due to special characters:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Cannot add user from LDAP server test.local because of this error: Enter a valid value. This value may contain only English letters, international characters, numbers, and the following characters: & . + - _ , @" user=""

  7. Failed adding user due to invalid user email:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Cannot add user from LDAP server test.local because of this error: Failed to import user "token" (rule: test), Email is required if TFA method is FTM" user=""

  8. Found modified FortiClient users for sync:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Found 100 modified FTC users for sync (rule: test) with test.local (1.1.1.1)" user=""

  9. Successfully synced:

date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Successfully synced (rule: test) with test.local on Fri Apr 25 20:13:33 2025." user=""

Many other LDAP User Sync events exist, and they all share the same event ID, 30303. They can be viewed under Log Access -> Logs by filtering on '30303'.
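The following added example (not Fortinet code) parses exported 30303 lines and lists the sync events that need follow-up, such as users left without a token or rules that returned no users. The function names and category labels are assumptions of this example, and the sample lines are constructed from the message formats shown above.

```python
import re

# msg can contain unescaped double quotes, so it is matched greedily up to the
# trailing user="..." field rather than split as an ordinary key="value" pair.
LINE_RE = re.compile(
    r'^date=(?P<date>\S+) time=(?P<time>\S+) .*?logid=(?P<logid>\d+) .*?'
    r'level="(?P<level>[^"]*)" .*?msg="(?P<msg>.*)" user="(?P<user>[^"]*)"\s*$')

# Message prefixes from the article; the labels are this example's own names.
REVIEW_PREFIXES = [
    ("Unable to import valid token-based authentication", "token_import_failed"),
    ("Cannot assign an FTM token", "ftm_token_not_assigned"),
    ("Cannot add user from LDAP server", "user_import_failed"),
    ("No remote users found", "empty_sync_result"),
]

def parse_sync_event(line):
    """Return a dict for a logid 30303 line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m or m.group("logid") != "30303":
        return None
    ev = m.groupdict()
    ev["category"] = next((label for prefix, label in REVIEW_PREFIXES
                           if ev["msg"].startswith(prefix)), "other")
    rule = re.search(r'\brule:? "?([\w.-]+)', ev["msg"])  # (rule: x) / rule "x"
    ev["rule"] = rule.group(1) if rule else None
    return ev

def review_queue(lines):
    """Return (category, rule, user) for events that need follow-up."""
    events = filter(None, map(parse_sync_event, lines))
    return [(e["category"], e["rule"], e["user"]) for e in events
            if e["category"] != "other"]

# Constructed sample input, assembled from the message formats shown above.
_HDR = ('date=2025-04-13 time=20:13:33+0000 oid=8888 logid=30303 cat="Event" '
        'subcat="System" level="{}" nas="" action="" status="" ')
SAMPLE = [
    _HDR.format("information") + 'msg="Retrieved 100 user(s) from the remote '
    'LDAP server "test.local (1.1.1.1)". (sync rule: test)" user=""',
    _HDR.format("notice") + 'msg="No remote users found for sync rule "test" '
    'on remote LDAP server test.local (1.1.1.1)." user=""',
    _HDR.format("notice") + 'msg="Unable to import valid token-based '
    'authentication for remote LDAP user vpnuser (rule: test) @ test.local '
    '(1.1.1.1)." user="vpnuser"',
    _HDR.format("notice") + 'msg="Cannot assign an FTM token to remote LDAP user '
    'vpnuser @ test.local (1.1.1.1) without a valid email address." user=""',
]
```

Calling `review_queue(SAMPLE)` returns the three notice-level events and skips the informational "Retrieved" line. The rule is `None` for the FTM token message because that message does not name a sync rule.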