Updating the Server IP/Name, Common Name Identifier, or Distinguished Name parameters triggers the error 'This field is required'.

When the same update is executed through the CLI, the system returns the message 'username and password unset', as illustrated below.

FortiGate3 (ADLDAP) # show
config user ldap
    edit "ADLDAP"
        set server "172.31.80.9"
        set server-identity-check disable
        set cnid "sAMAccountName"
        set dn "DC=Fortinet,DC=DomainController1"
        set type regular
        set username "carlos"
        set secure ldaps
        set ca-cert "CA_Cert_1"
        set port 636
        set password-expiry-warning enable
        set password-renewal enable
    next
end

FortiGate3 (ADLDAP) # set server 172.31.80.8
Username and password unset.

FortiGate3 (ADLDAP) # show
config user ldap
    edit "ADLDAP"
        set server "172.31.80.8"
        set server-identity-check disable
        set cnid "sAMAccountName"
        set dn "DC=Fortinet,DC=DomainController1"
        set type regular
        set secure ldaps
        set ca-cert "CA_Cert_1"
        set port 636
        set password-expiry-warning enable
        set password-renewal enable
    next
end

FortiGate3 (ADLDAP) # end
Attribute 'username' MUST be set.
Command fail. Return code -56

This error occurs because each time a change is made, the Username and Password credentials must be entered again.

For security reasons, changing key binding parameters (server IP address, CNID, or DN) automatically unsets/clears the stored username and password credentials. These sensitive fields are not displayed in the GUI or show commands for security, so the system forces re-entry to prevent accidental use of stale or mismatched credentials with the new settings.