FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
matanaskovic
Staff
Article Id 210518
Description

This article explains how to fix the following FortiAuthenticator error, which appears when a Remote User Sync Rule tries to import a user from an LDAP server: Cannot add user from LDAP server DC-boss because of this error: Failed to import user 'administrator' (rule: TAC-RULE), Mobile number is required if TFA method is SMS.

 

Scope
Solution

The error occurs when 'SMS' has been selected as the OTP (token) delivery method in the Remote User Sync Rule.

Delivering the token code by SMS requires a mobile number for every user, so the user's mobile number attribute must be present in LDAP and readable by the sync rule.

If the mobile number is missing or in the wrong format, the affected users are not imported from the LDAP server into FortiAuthenticator, and the error above is logged for each of them.

 


 

In addition, the Remote User Sync Rule settings must map the LDAP attribute that holds the mobile number. For Active Directory this is the 'mobile' attribute:

 

Mobile number: mobile

 


 

In Active Directory, the user's mobile attribute must be stored in international format: a leading '+', followed by the country code and then the mobile number, i.e. '+[country code][mobile number]'. A number without the '+' and country code is treated as invalid and the user is skipped.

 


 

Then run the Remote User Sync Rule manually. This time the user 'administrator' should be imported from the LDAP server together with the mobile number that will be used for delivering the token code.
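Before re-running the sync rule it is worth checking all users in the rule's search base at once, rather than discovering bad numbers one failed import at a time. The following PowerShell script is an added example and is not part of the original article or of FortiAuthenticator; it assumes the RSAT ActiveDirectory module, an assumed base DN (OU=Users,DC=example,DC=com) that must be replaced with the DN used by the sync rule, and that an acceptable value is '+' followed by 7 to 15 digits with no separators (E.164). Stripping spaces, dashes and parentheses and rewriting a leading '00' to '+' is the script's own normalization, not something the sync rule does, so review the report before using -Fix.

```powershell
# Added example (not from the original article): audit the AD users covered by a
# FortiAuthenticator Remote User Sync Rule and report or fix 'mobile' values that the
# SMS token method would reject. Requires the ActiveDirectory RSAT module.
# ASSUMPTIONS: the base DN below is the sync rule's search base, and a valid number is
# '+' followed by 7-15 digits (E.164). Adjust both for your environment.
param(
    [string]$SearchBase = 'OU=Users,DC=example,DC=com',   # assumed base DN of the sync rule
    [switch]$Fix                                          # rewrite fixable numbers; default is report only
)
Import-Module ActiveDirectory

$Pattern = '^\+[1-9]\d{6,14}$'                            # E.164: leading '+', digits only

function Convert-ToE164 {
    # Best-effort normalization (assumption, not sync-rule behaviour): strip separators
    # and turn a leading international prefix '00' into '+'.
    # Returns $null when the value cannot be made valid without human input.
    param([string]$Raw)
    if ([string]::IsNullOrWhiteSpace($Raw)) { return $null }
    $n = $Raw -replace '[\s\-\(\)\.]', ''
    if ($n -match '^00\d+$') { $n = '+' + $n.Substring(2) }
    if ($n -match $Pattern) { return $n }
    return $null
}

# Only enabled users are considered; disabled accounts are usually excluded from the sync rule anyway.
$users = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $SearchBase -Properties mobile

foreach ($u in $users) {
    $raw = $u.mobile
    if ($raw -match $Pattern) { continue }                # already in an acceptable format

    $fixed = Convert-ToE164 $raw
    if ($null -eq $fixed) {
        # Missing or unparseable: this user would fail the sync rule with
        # "Mobile number is required if TFA method is SMS".
        Write-Warning ("{0}: mobile '{1}' is missing or not in +<country code><number> format" -f $u.SamAccountName, $raw)
        continue
    }

    Write-Output ("{0}: '{1}' -> '{2}'" -f $u.SamAccountName, $raw, $fixed)
    if ($Fix) {
        # -MobilePhone writes the 'mobile' attribute that the sync rule maps.
        Set-ADUser -Identity $u -MobilePhone $fixed
    }
}
```

Run it once without -Fix to get the list of users that would be skipped, correct the entries that need a human decision (no number at all, or a number whose country code cannot be inferred), then run it with -Fix and re-run the sync rule.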

 


 

The result of the sync can also be confirmed in the FortiAuthenticator logs, where the successful import of 'administrator' is recorded instead of the earlier error.

 


 

Related Article:
https://docs.fortinet.com/document/fortiauthenticator/6.4.3/administration-guide/215969/remote-user-...
