Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.
| Bug ID | Description |
|---|---|
| 540551 | FortiAuthenticator should automatically recognize the configured IP address on ports other than port1 in Azure cloud. |
| 540904 | LB master should ratelimit its rechecks / changelog entries generated. |
| 542734 | SMS gateway on FortiAuthenticator is not delivering the token when used with RADIUS authentication. |
| 537871 | Unable to authenticate LDAP attribute rfc822MailMember on FortiAuthenticator-VM. |
| 542808 | CLI HA Status shows "Status: Error Status" on new build/factory reset FortiAuthenticator units. |
| 415685 | FortiToken-only users can log into a service provider configured to enforce two-factor authentication if the user already has an active session. |
| 482900 | User registration via Guest Portal requires the approver to enable radius authentication first. |
| 541826 | Assigning a profile to an admin user that restricts the 'Administrator' permission to read-only changes the user type to Sponsor. |
| 532604 | The Social Login Users list displays 'unknown' in the User column. |
| 526202 | FortiAuthenticator does not check if signature of CSR is valid. |
| 530392 | Cannot log in with social users on Guest Portal if their account has expired. |
| 468513 | Excluding a user from SSO causes FSSO server to exit and not recover. |
| 536211 | FortiAuthenticator should limit FSSO passwords to 15 characters since that is the limit on FortiGate. |
| 524131 | There is a multisecond delay between queuing and sending of push notifications |
| 516358 | SQL connections don't reliably timeout when underlying VPN tunnels time out. |
| 541043 | SAML authentication with Azure UUID mapping does not include SSO group for user as expected. |
| 542094 | SAML SSO cannot handle SAML assertion request: invalid information for passport-saml signature. |
| 519319 | FortiAuthenticator VM may crash when LDAP Remote user sync rules run. |
| 538244 | Add option for SAML IdP to send Subject NameID in "example.com\username" format. |
| 537628 | For new deployments and after factory resets, FortiAuthenticator VM can experience a slow startup. |
| 528231 | The FortiAuthenticator log details state "cannot add any more users because limit has been reached". |
| 538216 | FortiAuthenticator FSSO service is unstable due to crashing DC agent daemon. |
| 540932 | FSSOMA nested group search fails if nested via primary group. |
| 540933 | Source IP is missing for authentication requests coming from FSSO Windows agent. |
| 505897 | Chained token authentication with remote RADIUS server breaks PCI. |
| 540611 | When user account gets locked because time/data usage is exceeded, FortiAuthenticator doesn't ask for a token, even if PCI is enabled. |
| 540587 | GUI crash occurs when clicking a guest user in an LB slave. |
| 511093 | In an HA setup, Radiusd on the LB slave crashes if a large custom RADIUS dictionary is uploaded to the master. |
| 538059 | Importing an ecdsa-signed certificate/key causes an error dump. |
| 516357 | Toggling load-balancing off and back on in an existing cluster can impact availability for hours/days. |
| 537298 | For Azure, NameID assertion in SAML should reference the username instead of the UserID. |
| 506112 | REST API call fails to activate FortiGuard Messaging license. |
| 536029 | Deactivate the option to disable secure passwords after 30 days have passed. |
| 532652 | Users Audit Report not working on Slave of LB cluster. |