FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
When attempting to log in using local users configured on FortiAuthenticator, authentication may fail with the following error in debug logs:
Credential::GetSerialization: Local user is not allowed to log into PC [Credential.cpp:1140] Credential::GetSerialization: Failed login
Additionally, users may receive an 'invalid username or password' error during login attempts.
Scope
FortiAuthenticator.
Solution
To resolve this issue:
Ensure that the username created in FortiAuthenticator exactly matches the local user account on the Windows PC. The usernames must be identical (case-sensitive and without domain prefix if applicable).
To list local user accounts on the Windows machine, run the following command in Command Prompt:
dir /b C:\Users
Use these usernames when creating local user entries in FortiAuthenticator.
If the Windows PC has a local user `XYZ`, then FortiAuthenticator must also have a user account with the same username `XYZ`.
Failing to match these usernames will result in failed logins and the error mentioned above.
