Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortiauthenticator and Netscaler



Recently I've deployed one 2FA with Nestscaler and Fortiauthenticator + LDAP, I've imported the LDAP users and the authentication with 2FA is working.The problem arrives whe the user password expires, How can I send the password renewal to the user?


My best regards and thank you in advance.

Not applicable

Hello @ManCarreras 
Welcome to Fortinet community and Thank you for your post. Hopefully, you've been keeping safe and doing well!
You are trying to send password renewal to the user. We will have this looked and will reach you back as soon as possible.
You should receive an update from one of the team member soon. Thanks for your patience on this.

Dear Aashiq,


Thanks for your reply,


I've have achieve to get the renewal password request by enabling LDAPS and MS-CHAPv2 between Netscaler 13 and Fortiauthenticator, but when the user tries to change the password returns an Invalid password message.




Hello @ManCarreras 
There is an option under Authentication --> User account policies --> General
"Request password reset after token verification"
When you disable this option password change will work, as it will first use the password change and then token after it.
Probably token is interrupting the flow of password change in this case.
For example Fortigate and Forticlinet can work with both options, but in this case Citrtix Netscaler or any other third party radius client will have to have this option disabled if it not supporting the token in the middle of flow.
Lazar Marinovic
Best regards

Lazar Marinovic

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors