Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tanr
Valued Contributor II

FortiOS 5.6.7 is out

FortiOS 5.6.7 is out.  https://docs.fortinet.com/d/fortios-5.6.7-release-notes 

 

Lots of bug fixes.

9 REPLIES 9
James_G
Contributor III

Tested on 51e, 60d and 300d, no issues

 

Seems a very solid build with no issues that affect me - and also resolved a IPsec bug I was experiencing

hnmr
New Contributor III

Thanks for sharing!

 

From which version of FortiOS have you updated?

 

Have you had a chance to test authentication based on LDAP, which stopped working in 5.6.6 but works fine in 5.6.5?

James_G
Contributor III

Sorry - I don't use authentication.

 

I was running 5.6.5.

 

fgtenterprise

hnmr wrote:

Thanks for sharing!

From which version of FortiOS have you updated?

Have you had a chance to test authentication based on LDAP, which stopped working in 5.6.6 but works fine in 5.6.5?

You may have a configuration issue, as LDAP authentication (we use LDAPS) has been working fine on 5.6.6 as well as all prior 5.6 releases we have used.

hnmr
New Contributor III

Nope, we are doing well.

Unfortunately it is a confirmed bug. Wether the LDAP(S) authentication works or not, depends on number of groups user accounts are member of and probably how deep the nested group structure is. Other parameters may play a role, but I am not aware of them.

hnmr
New Contributor III

Last info I have received: the issue should be resolved in 5.6.8.

fgtenterprise

Thanks for the follow-up.  Hopefully we don't encounter this LDAP issue before 5.6.8 is released.

chkdsk

I noticed that the release notes for FortiOS 5.6.7 lists an LDAP authentication issue as resolved, though I'm not certain if this is the exact issue hnmr had:

 

"519826 fnbamd crashing and ldap auth stopped working after upgrade."

 

By the way, we also haven't experienced any issues with LDAP authentication (LDAPS) on FortiOS 5.6.6.

hnmr
New Contributor III

We have worked around the issue by reducing the number of groups to search by addinig an additional condition to the filter. 

I assume that there are more bugs than they have resolved in 5.6.7 ;)

 

Labels
Top Kudoed Authors