could you post your remote user sync rule configuration? This is where the OTP would be set to enabled. When the user gets synchronized, then the user might get "corrected" again. If that was the case, we could maybe not import the users automatically, but manually, not update them. Usually the users do not really change membership or state, but of course, manual users need to be tracked as well. The user audit report can help on that (like a user hasn't been used since some days).
Hi Markus thanks for the reply. Here are the settings
Now if i understand the comment correct you are probably referring to the "SMS" setting. According to the yellow text box and what i understand from this is that the enabled setting means that it will sync the users from the group mention on the LDAP Filter ONLY for users who have the Mobile Number field
If i select None i have the impressions that it will sync ALL users on the security group mentioned in the LDAP Filter section regarding of mobile phone exists or not.
Cause i've seen it that it does not sync users that DO NOT have an mobile number.
I want to be very clear and i want to understand this.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.