This article describes how the error 'Unable to import remote LDAP user 'CN=xzy,OU=yzx,DC=abc,DC=com': no username was found' may be encountered and resolved.

Under some circumstances, importing remote LDAP users under User Management -> Remote Users -> Import -> Import users -> Select users, may return the error the error 'Unable to import remote LDAP user 'CN=xzy,OU=yzx,DC=abc,DC=com': no username was found'.

This usually occurs if FortiAuthenticator is configured to look for an incorrect username attribute, usually in the remote LDAP server configuration, and sometimes in the LDAP browser window itself.

In the Remote LDAP server configuration (under Authentication > Remote Auth. Servers > LDAP:(

In this example, the username attribute is 'mobile'. Usually, the username attribute will be 'sAMAccountName', 'UserPrincipalName', or in rarer cases 'mail', 'CN' (Common Name), or 'DN' (Distinguished Name).

The logs accessible under Logging -> Log Access -> Logs may provide further details regarding the error.

This error ('username is not present') indicates that the Username attribute in the remote LDAP user mapping attributes is incorrect.

It is possible to verify user attributes in the window Import Remote LDAP Users -> User attributes.

In this example, the wrong username attribute is set up: Username: user13. This should usually be blank, unless the aim is to filter for and import one specific user, not a number of users.

Removing user13 from the Username attribute and saving the configuration allows for the proper import of users.

Related article:

Technical Tip: How to import remote LDAP user in FortiAuthenticator