FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
sisrayilov
Staff
Article Id 405282
Description

 

This article describes a problem that occurs while importing a remote user (LDAP) as a local user in FortiAuthenticator.

 

Scope

 

FortiAuthenticator.

 

Solution

 

The following error may be logged when importing a remote LDAP user into FortiAuthenticator through a remote user sync rule. To check for it, go to Logging -> Log Access -> Logs.


 

From the RAW logs:

 

date=2025-08-07 time=10:42:44+0000 oid=9092407 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Cannot add user from LDAP server XY because of this error: Failed to import user "importasalocaluser" (rule: import as a local user), Email is required if TFA method is FTM" user=""

 

The message shows that the import fails because the TFA method is FTM and the user account has no email address. To fix it, add an email address to the user account on the LDAP server.


 

After adding an email to the account in Active Directory and resynchronizing the remote user through the same remote user sync rule, the user will be added successfully.
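
When a sync rule covers many accounts, the same error can be pulled out of an exported raw log to list every user that still needs an email address. The following Python is an added example, not Fortinet code; it assumes the field order of the raw log line above (msg followed by user), and the second and third sample lines are constructed.

```python
import re

# Line 1 is the raw log from this article; lines 2 and 3 are constructed samples.
SAMPLE = '''date=2025-08-07 time=10:42:44+0000 oid=9092407 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Cannot add user from LDAP server XY because of this error: Failed to import user "importasalocaluser" (rule: import as a local user), Email is required if TFA method is FTM" user=""
date=2025-08-07 time=10:42:45+0000 oid=9092408 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Cannot add user from LDAP server XY because of this error: Failed to import user "jdoe" (rule: import as a local user), Email is required if TFA method is FTM" user=""
date=2025-08-07 time=10:43:01+0000 oid=9092409 logid=30303 cat="Event" subcat="System" level="information" nas="" action="" status="" msg="Constructed unrelated event" user=""
'''

# msg contains unescaped double quotes around the user name, so a generic
# key="value" pattern would cut it short. Assumption: msg is followed by
# user="..." as in the article's line, so the greedy match ends there.
MSG_RE = re.compile(r' msg="(?P<msg>.*)" user="')
FAIL_RE = re.compile(
    r'Cannot add user from LDAP server (?P<server>.+?) because of this error: '
    r'Failed to import user "(?P<user>[^"]+)" \(rule: (?P<rule>[^)]+)\), '
    r'(?P<reason>.+)'
)
EMAIL_REASON = "Email is required if TFA method is FTM"


def parse_import_failures(text):
    """Return one dict (server, user, rule, reason) per failed LDAP import."""
    failures = []
    for line in text.splitlines():
        found = MSG_RE.search(line)
        if not found:
            continue
        failure = FAIL_RE.fullmatch(found.group("msg"))
        if failure:
            failures.append(failure.groupdict())
    return failures


def users_missing_email(text):
    """Map each sync rule to the sorted users rejected for lack of an email."""
    by_rule = {}
    for failure in parse_import_failures(text):
        if failure["reason"] == EMAIL_REASON:
            by_rule.setdefault(failure["rule"], set()).add(failure["user"])
    return {rule: sorted(users) for rule, users in by_rule.items()}


if __name__ == "__main__":
    for rule, users in users_missing_email(SAMPLE).items():
        print(f"{rule}: {', '.join(users)}")
```
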

