Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Tested on 51e, 60d and 300d, no issues
Seems a very solid build with no issues that affect me - and also resolved a IPsec bug I was experiencing
Thanks for sharing!
From which version of FortiOS have you updated?
Have you had a chance to test authentication based on LDAP, which stopped working in 5.6.6 but works fine in 5.6.5?
Sorry - I don't use authentication.
I was running 5.6.5.
hnmr wrote:Thanks for sharing!
From which version of FortiOS have you updated?
Have you had a chance to test authentication based on LDAP, which stopped working in 5.6.6 but works fine in 5.6.5?
You may have a configuration issue, as LDAP authentication (we use LDAPS) has been working fine on 5.6.6 as well as all prior 5.6 releases we have used.
Nope, we are doing well.
Unfortunately it is a confirmed bug. Wether the LDAP(S) authentication works or not, depends on number of groups user accounts are member of and probably how deep the nested group structure is. Other parameters may play a role, but I am not aware of them.
Last info I have received: the issue should be resolved in 5.6.8.
Thanks for the follow-up. Hopefully we don't encounter this LDAP issue before 5.6.8 is released.
I noticed that the release notes for FortiOS 5.6.7 lists an LDAP authentication issue as resolved, though I'm not certain if this is the exact issue hnmr had:
"519826 fnbamd crashing and ldap auth stopped working after upgrade."
By the way, we also haven't experienced any issues with LDAP authentication (LDAPS) on FortiOS 5.6.6.
We have worked around the issue by reducing the number of groups to search by addinig an additional condition to the filter.
I assume that there are more bugs than they have resolved in 5.6.7 ;)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.