Hello!

I need some help. I have 3 ADs server, where my FSSO agents are installed in collector mode. Yesterday right around mid day we started to receive reports that the authentication has droped for several users (and by several i mean almost 1000 users). Most have than already athenticated on the login portal Fortigate displays when not using NTLM or FSSO to auto login; a few users with NTLM also did succesfully logged on. On trying to diagnose the problem i noticed that there where only 10 users using FSSO (looked at "Firewall User Monitor on my fortigate). Furter diagnostic directly on the FSSO agent on AD2 have also showed only 10-11 users on " Show logged on users".

I have validated and i could see login and logoff events on thge "event Viewer", still can:

I took a look at the FSSO log directly and i could see me Fortigate connecting on that agent, but i don't see a disconnect log:

My external connector on every Fortigate has all 3 agents configured, some althought the AD 2 where configured as primary was selecting the AD1 server (in bold). I don't know if that unit experienced problems though. When i altered the primary from AD2 to AD1, my Fortigate received every logged on events and the lists was filled with people authenticated using FSSO and all was back to normal. I have re inserted the password for the user on the service (service.msc) but i don't have the information about the user configured on the FSSO agent and on my Fortigates. All should be the same. What explanation could there be for FSSO to simply stop on one of my servers?