Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
adem_netsys
Contributor

FortiSIEM external auth

Hello guys,

 

I made ldap config with external authentication, I created user on cmdb side but it gives error when I test it. what could be the cause?

 

6 REPLIES 6
AEK
Honored Contributor

Hi

Can you share the error?

AEK
AEK
adem_netsys

When I test it, it gives the error "Invalid user name or password." but I created a user on cmdb and assigned it to external and there is a user on active directory.

Sx11
Staff
Staff

Hi adem_netsys,

 

in this case double-check the External authentication profile you have assigned to that external user in Settings>General>External authentication profile.

You must specify the DN and port 389 for LDAP.

 

If it still does not work check communication with LDAP server with a pcap and verify the response:

tcpdump -i any host <LDAP_IP> and port 389 -vvv

 

Regards

sx11
adem_netsys

I think I see the problem. These steps alone are not enough, we need to do credential and discovery first. Do you think it is necessary to keep the users in the tenant structure on the super side or where the tenant is?

adem_netsys
Contributor

I want to make sure if we need to define as credential for external auth definitions to be successful.

Sx11
Staff
Staff

If these are users that will operate only on specific tenants than better to move them where the tenant is by organization. Basically configure the administration on the need-to-know principle.

sx11
Top Kudoed Authors