| Description | This article describes how to resolve the error message 'Strong Auth Required' that may appear when configuring an LDAP server in the FortiClient Endpoint Management Server (EMS). |
| Scope | FortiClient EMS. |
| Solution |
When configuring an LDAP server in FortiClient EMS, the error 'Strong Auth Required' may appear:
This occurs because the group policy applied to the domain account used has 'LDAP server configuration has LDAP server signing requirements' set to 'Require Signing'.
This setting means it is necessary to use LDAPS (over SSL connection) and import an LDAP Certificate Authority certificate into the Trusted Root Certification store.
To continue to use LDAP (on port 389), navigate to Group Policy Management Editor -> Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Domain controller: LDAP server signing requirements and set the value to 'None'.
It will then be necessary to execute the 'gpupdate /force' command to update the group policy. After, it will be possible to configure an LDAP server in the FortiClient EMS to use port 389. |
