Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
rmharini
Staff
Staff

Created on ‎12-15-2024 02:43 PM Edited on ‎12-23-2024 02:58 AM By Community Manager

Article Id 364650

Technical Tip: Username format used to connect to the SSL VPN when two LDAP servers are configured on FortiAuthenticator

Description This article describes the username format required to connect to the SSL VPN when two LDAP servers are configured on FortiAuthenticator.
Scope FortiAuthenticator.
Solution

When two LDAP servers are configured on the FortiAuthenticator, users from LDAP Group 1 can connect to the SSL VPN using only their username, while users from LDAP Group 2 must use the 'Username format' specified in the RADIUS policy.

 

Examples:

  • LDAP Server 1: Users connecting to LDAP Group 1 via SSL VPN log in using just the username. For example test.

  • LDAP Server 2: Users connecting to LDAP Group 2 via SSL VPN must log in using the 'realm\username' format as specified in the RADIUS policy. For example: ldap_2\test2.

LDAP Server 1 and LDAP Server 2 are distinct and separate servers.

 

ldap-server2.png
139
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.