Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff

Created on ‎01-05-2021 06:07 AM

Article Id 190942

Technical Note: User registered to wrong domain when member of multiple

Description
When a user specifies the domain during registration (e.g. user@domain or domain\user) using the Persistent Agent, the user record is associated with the incorrect domain. 

This occurs when user is a member of more than one domain and one or more of the following apply:
  • Multiple LDAP servers are integrated with the appliance
  • Domain names are not specified in all LDAP servers under System > Settings > Authentication > LDAP.



With PersistentAgent and DirectoryManager debug enabled, messages similar to the following are seen:

/bsc/logs/output.nessus
yams.PersistentAgent FINER :: 2020-12-03 11:22:33:068 :: Session Notification received: <domain name>\<username> SessionLogon

/bsc/logs/outputmaster
DirectoryUser::getDirectoryUser() domain = null, user = <username>



For debugging instructions, see related KB article below.


Scope
Version: 8.7 and 8.8

Solution
To be addressed in a future release.


ID 0682977





Related Articles

Technical Note: Gather logs for debugging and troubleshooting

Labels:
223
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.