Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mzia259
New Contributor

Change password failed

Hello folks,

 

The setup is as follows:

-The users use FortiClient 5.4 to connect to the FG (running 5.4.4) through SSL VPN.

-The users is authenticated by AD (Windows 2008 R2) using LDAPS.

-The users can successfully authenticated, and change their passwords (if the passwords are expired, or the user account has to change the password at next login).

 

The problem is, if the user is configured to use two-factor authentication (FortiToken), the user can login but cann't change his password and get "Permission denied (-455)" error, as follows:

-The user is asked to enter his username/password.

-Then is asked to enter the new password.

-Then get the above error message.

-In the AD, nothing change.

 

Could anyone help me in resolving this issue?

 

BR,

M Zaki

2 Solutions
MikePruett
Valued Contributor

Good to know Rojekj. Thanks for updating us.

View solution in original post

Mike Pruett Fortinet GURU | Fortinet Training Videos
rojekj
New Contributor III

Yup, I can confirm that 5.6.0 is free of this bug. Password change works for both tokened and untokened users. :)

View solution in original post

7 REPLIES 7
rojekj
New Contributor III

Same problem here. For me it is a bug, there simply are no more settings that I can try to resolve this issue.

Opened a support ticket and waiting for Fortinet answer. Will share it here.

rojekj
New Contributor III

Fortinet confirmed that there is a bug in 5.4.x branch, and the problem should be resolved in 5.4.5.

Other option is to downgrade to 5.2.10, as 5.2.x branch is not affected.

MikePruett
Valued Contributor

Good to know Rojekj. Thanks for updating us.

Mike Pruett Fortinet GURU | Fortinet Training Videos
Huey
New Contributor III

rojekj wrote:

Fortinet confirmed that there is a bug in 5.4.x branch, and the problem should be resolved in 5.4.5.

Other option is to downgrade to 5.2.10, as 5.2.x branch is not affected.

Any confirmation yet?  There is no 5.4.5 so I expect the fix will be in 5.6...?

Layer8 Consulting

http://www.L8C.com

 

Layer8 Consulting http://www.L8C.com
rojekj
New Contributor III

Yup, I can confirm that 5.6.0 is free of this bug. Password change works for both tokened and untokened users. :)

Huey
New Contributor III

Good to know on 5.6.  I also was able to confirm that it is fixed in 5.4.5 which should be out any day now.  How do you like 5.6?  Any glaring issues w/ it?

Layer8 Consulting

http://www.L8C.com

 

Layer8 Consulting http://www.L8C.com
rojekj
New Contributor III

No issues so far. Some annoying GUI bugs are fixed. Only CPU usage is higher by 5%. Overall I'm happy with it :)

Labels
Top Kudoed Authors