Poll Active Directory server does not add Users and Groups to list. When I click Edit and add users and groups, the number changes from 0 to 3, meaning it added the users and groups. My Active Directory connector still shows down. See attached images. Not sure what I am missing. When I return to edit, users and groups shows 0.
I have tried both domain account and local account for the server. Thanks
Could you please provide the output of the following command:
diagnose debug fsso-polling detail 1
FORTIWIFi60E # diagnose debug fsso-polling detail 1
AD Server Status(err: server can not be accessible):
ID=1, name(10.76.12.15),ip=10.76.12.15,source(security),users(0)
port=auto username=sypheit.local\administrator
read log eof=0, latest logon timestamp: Wed Dec 31 19:00:00 1969
polling frequency: every 10 second(s) success(0), fail(376)
LDAP query: success(0), fail(0)
LDAP max group query period(seconds): 0
LDAP status: connected
Group Filter:
This error:
"AD Server Status(err: server can not be accessible)"
Seems the same as in this old post:
Poll Active Directory issue after installed the Wi... - Fortinet Community
Please go through all the pages on that post.
I am running FortiOS 6.4.5... looks like I need to get to 6.4.7 for it to work... I am running Windows Server 2019, so I hope that it's patched already... not sure what I need to fix...
Hey Josiah,
if your Windows Server 2019 is up to date, it should have the relevant patches in place; they were published about two years ago I believe. I would suggest upgrading your FortiGate to at least 6.4.7; we are up to version 6.4.14 in the 6.4 branch by now, and a number of vulnerabilities were patched in between.
After you've upgraded the FortiGate, double-check if the issue persists; if yes, you might want to consider a ticket with Fortinet Technical Support to dig into debugging the local poller and connection to AD more in-depth.
What can sometimes help is to change the format of the user you're trying to authenticate with:
Instead of "sypheit.local\administrator" try "administrator@sypheit.local" for example, or just "administrator", and see if that helps.