Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Anand_Narayana
Contributor

Unable to change the password for ssl vpn users.

hi, I have configured LDAP ssl and imorted the CA certificate. users are able to authenticate using the LDAP ssl but when their password expires they get Error: Permission denied. Any ideas how to solve the issue? below is the configuration that i have set in FG-310B edit " NETWORK-SUPPORT_msft.ing" set server " 172.16.0.1" set cnid " sAMAccountName" set dn " OU=Technology,OU=Test ,DC=msft,DC=ing" set port 636 set type regular set username " CN=Bind User,OU=Automation,DC=msft,DC=ing" set password **** set secure ldaps set ca-cert " CA_Cert_1" set password-expiry-warning enable set password-renewal enable next

Anand

Anand
3 REPLIES 3
Anand_Narayana
Contributor

I could able to resolve this issue myself.

Anand

Anand
dconsentini

Hi Anand,

 

I have the same problem with SSL VPN and domain users. Could you tell me the solution to your case?

 

Thanks!

Anand_Narayana

The "Bind User" should have write permission to change the password, during the initial test the user had just ready permission so it was able to list the user data based but changing the password for the user in AD requires write permission as well.

 

set username " CN=Bind User,OU=Automation,DC=msft,DC=ing"

 

Anand

Anand
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors