We have been doing some troubleshooting and below are the results:
1. We tried the workaround to turn off the Use AD Authentication in the RADIUS Service ... Clients - for a Fortigate Firewall and the authentication works.
2. But when we did it for the Forti-Manager or Forti-Analyzer, the authentication failed.
3. The user login error in the logs is below:
   Windows AD user authentication(mschap) with FortiToken failed:AD auth error:Reading winbind reply failed! (0xc0000001)
The connection to the AD Server is fine... for the sync rules work and connect every 10 mins.
The only place where I see the one AD not connected is in the Monitor... Authentication... Windows AD.
The AD authentication for FAC will be needed to speak mschap and translate it to your LDAP server. If you don't join the FAC to the domain (inside the LDAP server settings) you will not be able to offer it, but only PAP will work.
According to the monitor you mention, this is missing, or not working due to invalid settings, password etc.