Hi,
We have a Windows Server 2019 Datacenter Edition AD Server integrated with Fortigate for VPN users, and we are planning to change the version of the AD Server to Standard Edition.
Everything will be the same as the original except the version.
My question is whether the LDAP integration will remain intact or whether it will need to be reconfigured in Fortigate again. And what about the users, will they have to be imported again from LDAP?
Thank You
Hello @huud ,
Probably you don't need to make any changes on the FortiGate side, because FortiGate isn't interested in the Windows server version. FortiGate just cares about the AD tree and credential information. If you do not make any changes to that information (AD tree, CN, DN, user information fields, etc.), you don't need to change anything on the FortiGate side.
If you use LDAPS instead of LDAP, you need to install the new AD certificate to FortiGate.
Thank You,
The question was in relation to the certificates and/or UUID being involved between the AD Server and Fortigate. As is known, certificates and UUIDs are unique; I am just trying to understand if this might impact the connectivity.
Hello @huud ,
If you use LDAP instead of LDAPS you do not need to change the certificate. Frankly, I'm not sure about UUID. I think FortiGate uses CN to pull users and groups.
Also, I think you can try that before changing the server.
Thanks @ozkanaltas
The FortiGate has LDAPS configured, and I tested this in a lab environment and managed to change the AD server without changing anything on the FortiGate side, without issues.