Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Active Directory Integration

Hi All,


I'm having an issue with the LDAP integration.


First here's my setup overview:

  • Windows Server 2016 with Active Directory role.
  • LDAP Server installed in the same AD[ul]
  • Because default LDAP port cannot be used when AD is also installed, I used port 50724[/ul]
  • Now my issue is the configuration of LDAP in the Firewall[ul]
  • I am following this youtube guide to setup the LDAP, but I changed the port to 50724. But when testing the connection, I always get ldap_80 error
  • When I changed the port to the default (389). The connection is successful but when creating Groups or LDAP user, the query returns empty.[/ul][/ol]

    Note: Everything is running in EVE-NG and Firewall image is a KVM.



  • 1 REPLY 1

    Hello jcubio,

    You can run packet sniffer or use packet capture on interface facing ldap, to see what goes wrong with communication. The output can be opened in wireshark. LDAP protocol is easy to read and is well documented. It would be better to see your ldap configuration as well. Or you can run in SSH:


    diag debug reset

    diag debug console timestamp enable

    diag debug application fn -1

    diag debug enable

    diag test authserver ldap <ldap_server_name_as_in_fortigate> <UserName> <password>


    once the output finishes/issue is reproduced, disable debug by:

    diag debug disable

    diag debug reset

    We should see what the ldap returns in the output.

    Best Regards,



    Top Kudoed Authors