Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
clicerioneto
New Contributor

Poll Active Directory issue after installed the Windows Server update KB5004948

Hi,

 

After applied Windows cumulative update KB5004948 in my environment, the Poll Active Directory is appearing the following error:

# diagnose debug fsso-polling detail 1 AD Server Status(err: server can not be accessible):

 

The Fortigate is running with FortiOS 6.2.9.

 

I have opened a ticket with Fortinet support, but I didn't receive yet a reply about the solution to fix this issue.

 

Someone is with this same issue or has a solution to solve it?

27 REPLIES 27
Donnei_Tsai
New Contributor

We also have the same issue. but still not resolve. Will call Fortinet Support help to check

bbilut
New Contributor III

Same issue here.

 

When I look at my domain controller security logs it looks like the login ID is not being reported. It just says NULL SID where the userID should be. Like I said problem started after applying July patches to my DC's.

eti_andrei
New Contributor III

This was fixed in the latest FortiAuthenticator release, so hopefully the same fix will be coming to FortiOS shortly.

bbilut
New Contributor III

Seems like a Microsoft issue to me.

 

When I look at event logs on domain controller the 4624 events show "NULL SID" as the user now. So FSSO can't really get the info it needs. That's at least what I'm seeing.

bbilut
New Contributor III

After reading this article about changes MS made in the June patch I figured out my issue https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5003637-update-may-block-remote-access-...

 

I had to patch my FSSO server up to July patch level for it to be able to read remote event logs from my 3 domain controllers which were also at the July patch level.

JOSIAH_BOZIAH
New Contributor III

@bbilut I am having the same issue, can you elaborate a lil more? do i need to patch my windows server 2019 , can you provide me the link to download the patch?

Donnei_Tsai

Hi, Can you share what's Fortinet's product has been fix this issue? have any documents?  Thanks

Donnei_Tsai

The fortinet support tell us. The issue are a known issue. and the bug ID for this is 725056. 

now is under research and develop fix. FYI

clicerioneto
New Contributor

I have updated the Windows 2016 servers with the last patch - 2021-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5004238), but the issue is not solved. 

 

I'm waiting for Fortinet support about the solution. 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors