There are several ways to access the target in FortiPAM. One of the most commonly used methods is Web RDP to the Servers.

A very common error encountered when accessing Windows Servers is the following:

In many cases, it is important to take the WAD debug files and reproduce the error, as follows:

diagnose debug enable
diagnose wad debug enable level verbose
diagnose wad debug enable category secret
diagnose wad debug enable category rdp
diagnose debug console timestamp enable

A couple of alternatives to solve this problem would be as follows:

First Option:

Adjust FortiPAM in the secret configured to do Web RDP as follows, via CLI:

config secret database

    edit xx                                                                      --> This would be the secret ID.

        set rdp-security-level  best-effort         --> RDP by default.

end

Second Option:

Directly in the Target (Windows server), enable the option as shown in the following image.

Note:

If the problem is still not resolved, reproduce the failure and take the SSL debug as follows:

diagnose wad debug enable category http
diagnose debug application sslvpn -1

diagnose debug enable

Open a case with the TAC and share all the information.