Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FortiLewis
New Contributor

FortiEMS Domain Objects not Syncing

Hello,

 

I am having an FortiEMS AD sync issue that is similar to some other AD sync issues I found in this forum but the actual question is different. FortiClient FortiManager 

 

Why can't my AD sync update the OUs/Groups in my FortiEMS directory?

 

If I change a PC name and it updates on local AD and I run a sync between EMS and AD, nothing happens. The endpoint is moved to workgroup and the old PC name hangs out in the correct OU/group in EMS (even though the device name updated and was not net new in AD). Why is that? Please don't tell me I need to delete the domain and sync from scratch anytime I make changes to AD structure, names, or names of users or devices

 

You will see in screenshots:
3 generic desktop names in the correct OU but the new names of the desktop were assigned to the right users but put into the workgroup in FortiEMS. So it seems there are 2 different records now for the 3 Windows devices.

In AD you will see just one set of 3 devices in the proper OU. Not sure why the AD sync wouldn't grab these details automatically?

 

Workgroup with new PC namesWorkgroup with new PC namesEMS directory with old PC namesEMS directory with old PC namesAD GroupAD Group

3 REPLIES 3
Anonymous
Not applicable

Hello FortiLewis, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

   Fortinet Community Team 

Anonymous
Not applicable

Hi FortiLewis,

 

I would suggest that you  create a TAC ticket for the Support team to further investigate the issue.

 

Thank you.

 

FortiLewis
New Contributor

Update:

So this was found to be a known/documented issue in the previous version of EMS 6.4.x... The issue seems to be resolved now that I am on version 6.4.7 !