Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

SSL VPN with LDAP authentication - Invalid credentials

Hi guys.


I have FortiGate 60E on which I'm trying to configure SSL VPN with authentication against Active Directory Directory Services.

On the Edit LDAP Server page I can see the Connection status as Successful.

I am also 100% sure that on the Edit User Group the correct security group is selected under Remote Groups section.

However, when I try to use Test User Credentials I get:

Connection status - Successful

User credentials - Invalid credentials

Tried in different formats like username, domain\username, username@domain.local - no difference at all.

Any attempt to establish SSL VPN connection with FortiClient ends up with the error message "Unable to logon to the server. You username or password may not be configured for this connection. (-12)"


I can't see anything I configured wrong so got stuck completely and run out of ideas as to what else I should check. 

Whoever has this issue and was able to solve it please advise what else I need to re-check or re-configure.


Thanks in advance.

New Contributor

RESOLVED - I tried a lot of things so can't say what exactly was the solution in my case. 


I had the exact same issue. 

After I changed the Common Name Identifier to sAMAccountName the issue was fixed.


User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName


Brilliant - User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName worked for me as well :)