FSSO (Single Sign-On to Windows AD) - No agent - 6.2.3

Author
andrewpearce
2020/06/25 12:07:12

Hello All,
 
Trying to configure the fsso-polling with Active Directory to see if it will work better in our environment than the FSSO Agent.
 
This is the error I get:
 
Fortigate # diagnose debug fsso-polling detail 1
AD Server Status(connected):
ID=1, name(10.0.x.x),ip=10.0.x.x,source(security),users(0)
port=auto username=polling
read log eof=1, latest logon timestamp: Thu Jun 25 15:01:05 2020
polling frequency: every 10 second(s) success(18), fail(0)
LDAP query: success(0), fail(5)
LDAP max group query period(seconds): 6
LDAP status: connected
 
Fortigate # di test authserver ldap LDAP polling *********
authenticate 'polling' against '10.0.x.x' succeeded!
Group membership(s) - CN=NoLogonAccess,CN=Users,DC=test,DC=test,DC=ADS
CN=Domain Admins,CN=Users,DC=test,DC=test,DC=ADS
CN=Domain Users,CN=Users,DC=test,DC=test,DC=ADS
 
My LDAP queries are failing... even though I am able to authenticate with the credentials and there are no errors on the AD server.
 
Any help would be appreciated...
 
post edited by andrewpearce - 2020/06/26 06:50:16