I have a FortiGate 60E on which I'm trying to configure SSL VPN with authentication against Active Directory Directory Services.
On the Edit LDAP Server page I can see the Connection status as Successful.
I am also 100% sure that on the Edit User Group the correct security group is selected under Remote Groups section.
However, when I try to use Test User Credentials I get:
Connection status - Successful
User credentials - Invalid credentials
Tried in different formats like username, domain\username, firstname.lastname@example.org - no difference at all.
Any attempt to establish SSL VPN connection with FortiClient ends up with the error message "Unable to logon to the server. You username or password may not be configured for this connection. (-12)"
I can't see anything I configured wrong, so I got stuck completely and ran out of ideas as to what else I should check.
Whoever has this issue and was able to solve it please advise what else I need to re-check or re-configure.
Thanks in advance.
RESOLVED - I tried a lot of things so can't say what exactly was the solution in my case.
I had the exact same issue.
After I changed the Common Name Identifier to sAMAccountName the issue was fixed.
User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName
Brilliant - User & Device > LDAP Servers > Edit Server > Set the Common Name Identifier to sAMAccountName worked for me as well :)
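The same change from the FortiOS CLI, as an added example that is not part of the original thread. The server name, address, base DN and bind account are constructed placeholders. In Active Directory the `cn` attribute normally holds the display name, while the logon name is in `sAMAccountName`, so a lookup on `cn` finds no entry for the name typed at login even though the bind account itself connects successfully.

```text
# Constructed example: "AD-LDAP", 192.0.2.10, the DN and the bind account are placeholders.
config user ldap
    edit "AD-LDAP"
        set server "192.0.2.10"
        # Default is "cn"; AD logon names live in sAMAccountName.
        set cnid "sAMAccountName"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=svc-fortigate,cn=Users,dc=example,dc=com"
        set password <bind-account-password>
    next
end

# Repeat the "Test User Credentials" check from the CLI.
diagnose test authserver ldap AD-LDAP <username> <password>
```

With `cnid` set to `sAMAccountName`, the test should be run with the bare logon name rather than `domain\username` or a UPN.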