Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JOSIAH_BOZIAH
New Contributor III

Created on ‎06-30-2023 12:24 AM Edited on ‎06-30-2023 01:20 AM

fabric connector not coming up Poll Active directory server does not add Users and Groups to list.

Poll Active directory server does not add Users and Groups to list. When I click Edit and I add users and groups, the Number changes to  from 0 to 3, meaning it added the users and groups. My active directory connector still shows down. see attached images. Not sure what i am missing. when i return to edit users and groups  shows 0 AD.JPGAD2.JPG

I have tried both domain account and local account for the server. Thanks

Labels:
996
0 Kudos
5 REPLIES 5
xshkurti
Staff
Staff

Created on ‎06-30-2023 01:20 AM

@JOSIAH_BOZIAH 

 

Could you please provide the output for following command

diagnose debug fsso-polling detail 1

 

 

 

981
0 Kudos
JOSIAH_BOZIAH
New Contributor III

Created on ‎06-30-2023 01:22 AM

@xshkurti  

FORTIWIFi60E # diagnose debug fsso-polling detail 1
AD Server Status(err: server can not be accessible):
ID=1, name(10.76.12.15),ip=10.76.12.15,source(security),users(0)
port=auto username=sypheit.local\administrator
read log eof=0, latest logon timestamp: Wed Dec 31 19:00:00 1969

polling frequency: every 10 second(s) success(0), fail(376)
LDAP query: success(0), fail(0)
LDAP max group query period(seconds): 0
LDAP status: connected

Group Filter:

978
0 Kudos
xshkurti
Staff
Staff

Created on ‎06-30-2023 01:55 AM

This error:

"AD Server Status(err: server can not be accessible)"

Seems the same as in this old post:

Poll Active Directory issue after installed the Wi... - Fortinet Community

 

Please to through all the pages on that post

 

 

963
0 Kudos
JOSIAH_BOZIAH
New Contributor III

Created on ‎06-30-2023 04:03 PM

i am running FortiOs6.4.5 ..looks like i need to get to 6.4.7 for it to work....i am running windows eerver 2019, so i hope that its patched already...not sure what i need to fix...

939
0 Kudos
Debbie_FTNT
Staff
Staff
In response to JOSIAH_BOZIAH

Created on ‎07-04-2023 12:51 AM

Hey Josiah,

if your Windows Server 2019 is up to date, it should have the relevant patches in place; they were published about two years ago I believe. I would suggest upgrading your FortiGate to at least 6.4.7; we are up to version 6.4.14 in the 6.4 branch by now, and a number of vulnerabilities were patched in between.

After you've upgraded the FortiGate, double-check if the issue persists; if yes, you might want to consider a ticket with Fortinet Technical Support to dig into debugging the local poller and connection to AD more in-depth.

What can sometimes help is to change the format of the user you're trying to authenticate with:

Instead of "sypheit.local\administrator" try "administrator@sypheit.local" for example, or just "administrator", and see if that helps.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
899
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.