Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
cysaw
Staff & Editor
Staff & Editor

Created on ‎06-30-2024 10:26 PM

Article Id 323396

Troubleshooting Tip: FortiMail fails to sync with the LDAP server

Description This article describes how to troubleshoot when the FortiMail fails to sync with the LDAP server.
Scope

FortiMail.
Solution
  1. Make sure the FortiMail can reach the LDAP server over port 389 (LDAP) or port 636 (LDAPS).
  2. Verify if the below system event log is generated on the system event log:


ldapcached: type=User, file=QueryFactory.cpp, line=561, exception=LDAPException( 4 ) , Connection.cpp:470, 'Error: 'Invalid credentials' during bind to ldap://[LDAP IP]:389/'LDAPException( 4 ) , Connection.cpp:508,

 

  1. Do a packet capture in the FortiMail and reproduce the issue and if a similar error is visible in the pcap file like the screenshot below, it means the LDAP Bind Account credential configured in the FortiMail is not correct.


cysaw_0-1719793892323.png

 

 

  1. Go to Profile -> LDAP -> LDAP profile -> Default Bind Option and make sure the LDAP bind account is configured correctly.

 

cysaw_1-1719793892325.png

 

  1. It should work after the LDAP bind account credential is configured correctly in the FortiMail.
543
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.