Fortiauthenticator ldap auth both dnshostname and samaccountname

thilinapm · ‎04-15-2022

Hi,

Is it possible to use both SamAccountName and DnsHostname authenticated against same LDAP server. I cannot get it worked. If I changed the username attribute to dnshostname as below it authenticates with dnshostname but not with samaccountname, how can I get both working so I can authenticate using both computer name and username ?

Thanks

Thilina

Markus_M · ‎04-16-2022

Hi Thilina,

you need to create 2 LDAP server entries. Not two entries within one LDAP server.

You can define the "realm" that your users are in, if need be.

You will likely already have two RADIUS policies that refer to your user bases.

- wired users, so a switch as a RADIUS client.

- wireless users - a WLC as a RADIUS client.

Best regards,

Markus

- Markus

View solution in original post

kanes39 · ‎04-10-2025

Hi @jbackstrom @Markus_M ,

Do you know if this feature is now supported on version 6.6.2 or any other version that may support it?

Appreciate if someone can assist.

Markus_M · ‎05-10-2025

Hi Kanes39,

there is no change, the FortiAuthenticator supported it all along, but makes it in my weird opinion more logic. FortiAuthenticator won't know there is a host authenticating or a user. While that is probably possible to automate with code change, it is already working as earlier described.

- Markus

Fortiauthenticator ldap auth both dnshostname and samaccountname

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website