Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff

Created on ‎01-29-2023 06:46 AM Edited on ‎05-09-2023 09:23 AM By Staff

Article Id 244105

Technical Tip: LDAP connection failure after upgrade to 9.2.7 or 9.4.2

 

Description

This article describes the possible behavior with LDAP authentication after upgrading to 9.2.7 or 9.4.2.

 

In these versions, both primary and secondary LDAP servers are checked on startup by FortiNAC. 

If the connection to the secondary LDAP server fails, this is treated as a total failure.

 

Symptoms:

- Unable to login to admin UI using LDAP credentials post upgrade.

- Users unable to register in FortiNAC using LDAP credentials.
Scope FortiNAC version 9.2.7 GA and 9.4.2.
Solution

Workaround:
1) Log in to Admin UI using a local account.
2) Navigate to: System > Settings -> Authentication -> LDAP.
3) Modify LDAP configuration:

- Ensure that secondary IP/FQDN is reachable.

Important:  If using SSL or STARTTLS secondary server value must be FQDN for certificate validation.

- If the Secondary server is not reachable, remove the Secondary Server value.

- Verify if the FortiNAC is able to validate credentials.

 

Solution: Addressed in FortiNAC version 9.2.8, 9.4.3 and later
346
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.