Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
simonpt
New Contributor III

LDAP bind password restrictions

Hi Does anyone know what restrictions FortiOS 3.0 MR7 places on LDAP bind passwords? I' ve got our FG310B successfully authenticating with AD, but only when I use a short, weak bind password (8 characters). If I try a stronger passphrase (20 characters), user authentication fails with these debug messages:
 fnbamd_fsm.c[886] handle_req-Rcvd auth req 10354705 for <user> in SSL_VPN opt=19 prot=8
 fnbamd_ldap.c[375] resolve_ldap_FQDN-Resolved address <ldap-server>, result <ip-address>
 fnbamd_ldap.c[761] fnbamd_ldap_get_result-Auth denied
 fnbamd_ldap.c[769] fnbamd_ldap_get_result-Going to DONE state res=1
 fnbamd_auth.c[1340] fnbamd_auth_poll-Result for ldap svr <ldap-server> is denied
 fnbamd_comm.c[104] fnbamd_comm_send_result-Sending result 1 for req 10354705
I' ve tested the stronger passphrase from LDP and it binds fine. It' s only the FG that can' t handle it. Thanks - Simon
0 REPLIES 0