Hi,
We upgraded to v6.4.6, build1043 (GA) and we notice that on every sync from AD in order to retrieve the users it always resets on ALL users the option to have Token enable.
What i mean is we have many users were the OTP is disabled for some reason (we use SMS service), like below, one user the OTP is disabled
Now on every sync which we increased for one hour to one day in order to manage the issue (from Edit Remote LDAP User Synchronization Rule)
what is happening is that for ALL users the option ONE Time Password (OTP) Authentication (from the first picture) gets enabled again.
That was not the issue on the previous version.
How can we stop this from happening ?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Is there any update on this ?
It starts to be really annoying and time-consuming to return the settings on each user.
Please for your assist
Hi Vassilis,
could you post your remote user sync rule configuration? This is where the OTP would be set to enabled. When the user gets synchronized, then the user might get "corrected" again. If that was the case, we could maybe not import the users automatically, but manually, not update them. Usually the users do not really change membership or state, but of course, manual users need to be tracked as well. The user audit report can help on that (like a user hasn't been used since some days).
Best regards,
Markus
Hi Markus thanks for the reply. Here are the settings
Now if i understand the comment correct you are probably referring to the "SMS" setting. According to the yellow text box and what i understand from this is that the enabled setting means that it will sync the users from the group mention on the LDAP Filter ONLY for users who have the Mobile Number field
If i select None i have the impressions that it will sync ALL users on the security group mentioned in the LDAP Filter section regarding of mobile phone exists or not.
Cause i've seen it that it does not sync users that DO NOT have an mobile number.
I want to be very clear and i want to understand this.
Regards,
Vassilis
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1679 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.