FortiPAM
FortiPAM allows you to protect, isolate and secure privileged account credentials, manage and control privileged user access, and monitor and record privileged account activity.
ekrishnan
Staff
Article Id 419408
Description: This article describes the possible cause of the LDAP error 'Password verification failed(80090308: LdapErr: DSID-0C090598, comment: AcceptSecurityContext error, data 52e, v4f7c).'
Scope: FortiPAM.
Solution

When verifying a password for a target, the following error is encountered:

Password verification failed(80090308: LdapErr: DSID-0C090598, comment: AcceptSecurityContext error, data 52e, v4f7c).

The error can be seen by navigating to Secrets -> Select the secret with the issue -> Logs.

Reason:

This happens because the 'domain' parameter is not defined for the secret; this can be checked on the CLI.

Debug commands:

diagnose wad debug enable category secret
diagnose wad debug enable category pwdchg
diagnose debug enable

Solution:

Once the 'domain' parameter is defined, the issue will be resolved.

The domain to use is the one in the LDAP configuration (User management -> LDAP Servers). As per the configuration, the domain is 'kj.ftnt'.

In the target configuration below, the name after 'edit' is the name given to the target:

config secret target
    edit "10.47.1.41"
        set class "Other"
        set template "Testing-RDP-cust"
        set address "10.47.1.41"
        set domain "kj.ftnt"
    next
end
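
To find other targets that would hit the same error, the check "is 'domain' defined?" can be run over a saved copy of the 'config secret target' output. This is an added example, not Fortinet code: it assumes the configuration text has the format shown above, the function names are illustrative, and the second target in the sample is constructed.

```python
import re

# Constructed sample in the format shown above; target "10.47.1.42" is made up.
SAMPLE_CONFIG = '''\
config secret target
    edit "10.47.1.41"
        set class "Other"
        set template "Testing-RDP-cust"
        set address "10.47.1.41"
        set domain "kj.ftnt"
    next
    edit "10.47.1.42"
        set class "Other"
        set template "Testing-RDP-cust"
        set address "10.47.1.42"
    next
end
'''

def parse_targets(text):
    """Return {target_name: {setting: value}} from 'config secret target' blocks."""
    targets, depth, current = {}, 0, None  # depth 0 = outside the section
    for raw in text.splitlines():
        line = raw.strip()
        if depth == 0:
            depth = 1 if line == "config secret target" else 0
        elif line.startswith("config "):
            depth += 1  # nested sub-table inside a target, if any (assumption)
        elif line == "end":
            depth -= 1
        elif depth > 1:
            continue  # ignore edit/set/next lines that belong to a sub-table
        elif m := re.fullmatch(r'edit\s+"?([^"]+)"?', line):
            current = targets.setdefault(m.group(1), {})
        elif line == "next":
            current = None
        elif current is not None and (m := re.fullmatch(r'set\s+(\S+)\s+(.*)', line)):
            current[m.group(1)] = m.group(2).strip('"')
    return targets

def targets_missing_domain(text):
    """Names of targets with no (or an empty) 'domain' value, in config order."""
    return [name for name, cfg in parse_targets(text).items() if not cfg.get("domain")]

if __name__ == "__main__":
    for name in targets_missing_domain(SAMPLE_CONFIG):
        print(f"target {name!r}: 'domain' not set")
```

A target listed here is a candidate for review rather than a confirmed fault: the article ties the error to a missing domain on a target whose password is verified over LDAP.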

 

With the domain defined, the debug output shows successful password verification and domain name binding.