
FortiManager redundant LDAP servers



I'm configuring FortiManager LDAP integration with Windows AD DS and I want to specify redundant LDAP servers to authenticate users.


In Remote Authentication Server, when I configure an LDAP server, I define the IP of the LDAP server in Server Name/IP and the authentication works perfectly.

But I want to add another LDAP server for redundancy. So, in Advanced Options, I define the secondary IP of another LDAP server in the field secondary-server.

In a scenario where the first LDAP server is down, the secondary server never tries to establish a TCP connection.


Any ideas on how to configure redundant LDAP servers?


Kind Regards,

Rogério Ferreira.




May I know the firmware version of the FortiManager?


Also, may I know if you want the LDAP server for the FortiManager admin user?


You may add the secondary server by following this path:

System settings >> Admin >> Remote Auth Server >> edit the LDAP server >> Secondary-server








Hello Manosh,


I'm doing some tests in the lab to deploy in a live solution, and the FMG version is 7.0.4.


I want to configure wildcard administrators, and I configured a new administrator for the integration.

And the setup is working perfectly with specific Windows groups that I define in 'Group' in Remote Auth Server.


I have configured a secondary server as you specified, but when I bring down the interface on the first LDAP server, FMG continues to try to resolve the ARP and never sends a TCP packet to the second server.


Thanks for your reply.


Rogério Ferreira.


My problem still happens in FMG version 7.2.0.


If I replace the IP address in the LDAP connection at "Server Name/IP" with the secondary server, the user gets authenticated correctly and has access to FMG.


Rogério Ferreira.
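
Added example, not part of the original posts and not Fortinet code: a small probe that walks the LDAP servers in configured order from another host on the management network and classifies each TCP connect attempt, so the failure seen in the thread (primary silent, secondary never contacted) can be compared with what an ordinary failover client would do. The addresses, the port and the function names are assumptions made for illustration.

```python
import socket

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt to an LDAP server."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"      # host answers, but nothing listens on the port
    except (socket.timeout, TimeoutError):
        return "timeout"      # no answer at all, e.g. host or interface down
    except OSError:
        return "unreachable"  # no route, or the local stack gave up early

def failover_order(servers, timeout=3.0):
    """Probe servers in configured order.

    Returns (results, chosen): results has one (name, state) per server,
    chosen is the first server that accepted the connection, or None.
    """
    results, chosen = [], None
    for name, host, port in servers:
        state = probe(host, port, timeout)
        results.append((name, state))
        if state == "open" and chosen is None:
            chosen = name
    return results, chosen

if __name__ == "__main__":
    # Constructed sample addresses (documentation range), replace with your own.
    # Port 389 is assumed; use 636 if the servers are reached over LDAPS.
    servers = [("primary", "192.0.2.10", 389), ("secondary", "192.0.2.11", 389)]
    results, chosen = failover_order(servers)
    for name, state in results:
        print(f"{name}: {state}")
    print("first usable server:", chosen)
```

A "timeout" or "unreachable" result for the primary together with "open" for the secondary confirms the secondary is usable from that network, which narrows the problem to the appliance's failover behaviour rather than to routing or a firewall rule.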
