Running FortiClient EMS 5.4 w/ LDAP
When connecting the domain, I use the credentials, and am using the DN: OU=Group2,OU=Group1,DC=Controller,DC=com
I run test and the test clears, but it won't populate the domain with the endpoints.
We were using this DN just fine until the endpoints stopped populating during sync.
It populates the domain list with Group1 -> Group2, but no endpoints.
Logs show:
[FcmAdDaemon Active Directory Error] Connect LDAP: The LDAP server is unavailable.
Workgroup enumeration is disabled
On my endpoint, it's also showing telemetry can't reach the EMS host.
Much appreciated. If any additional info is needed, let me know.
Is port 389/tcp open from the EMS server to your domain controllers?
Also, I would suggest only using the DN of your root domain rather than trying to filter it by OU at this step: just DC=Controller,DC=com instead of OU=Group2,OU=Group1,DC=Controller,DC=com.
Also, for the Bind type, which do you have selected? I always use Regular, with the UPN for the authorized username.
Can you check the base DN and authentication? Use curl to test also.
PCNSE
NSE
StrongSwan
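The checks suggested in the replies above (389/tcp reachability from the EMS server, then a bind and search against the root DN and against the OU-scoped DN with curl), as an added example that is not from the thread. The DC hostname and bind account are hypothetical placeholders, and the curl build must include LDAP support (see the Protocols line of `curl --version`).

```python
import shlex
import socket
from urllib.parse import quote


def probe_tcp(host, port=389, timeout=3.0):
    """Classify TCP reachability: 'open', 'refused', 'timeout' or 'error: ...'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"   # host answered, but nothing accepts on that port
    except socket.timeout:
        return "timeout"   # typical of a firewall silently dropping packets
    except OSError as exc:  # DNS failure, no route to host, ...
        return f"error: {exc}"


def ldap_url(host, base_dn, attrs=("cn",), scope="sub",
             ldap_filter="(objectClass=computer)", port=389):
    """Build an RFC 4516 URL: ldap://host:port/dn?attributes?scope?filter."""
    return "ldap://{}:{}/{}?{}?{}?{}".format(
        host, port,
        quote(base_dn, safe=",="),          # spaces and '?' in the DN get encoded
        ",".join(attrs), scope,
        quote(ldap_filter, safe="()=&|!*"))


def curl_command(host, base_dn, bind_upn):
    """argv for a simple bind + search; curl prompts for the password itself."""
    return ["curl", "--user", bind_upn, ldap_url(host, base_dn)]


if __name__ == "__main__":
    dc = "dc01.example.internal"        # hypothetical domain controller
    upn = "svc-ems@example.internal"    # hypothetical bind account (UPN form)
    print(f"{dc} 389/tcp: {probe_tcp(dc)}")
    # Run both searches: the root DN from the reply and the OU DN from the question.
    # If the root DN returns computers and the OU DN does not, the OU path is the issue.
    for dn in ("DC=Controller,DC=com",
               "OU=Group2,OU=Group1,DC=Controller,DC=com"):
        print(" ".join(shlex.quote(a) for a in curl_command(dc, dn, upn)))
```

Run it on the EMS server itself, since the firewall path that matters is EMS to domain controller.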