Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.
Bug ID |
Description |
---|---|
485396 | Sponsor/Admin can place created Guest users into any group. |
526202 | FortiAuthenticator does not check if signature of CSR is valid. |
543729 | RADIUS client service not working after upgrade. |
544691 | Remote LDAP admins have no certificate bindings. |
566145 | Usage Profile "TIME USAGE=Time used" is not triggering COA or disconnect request to FortiGate. |
577877 | Allow bulk unlock for FTM tokens. |
588310 | FortiAuthenticator dropping FSSO login events from DC Agent on failed DNS resolution. |
588346 | An expired certificate is delivered toward WiFi authenticated users. |
589219 | Multiple DC's kerberos traffic after FortiAuthenticator joining the domain with local DC. |
592837 | Sponsor accounts can add guest user accounts to non-guest groups. |
595012 | Should be able to resize the users page column width manually by using mouse. |
601520 | Recurrent log message: Portal was not found in the session, redirecting back to entry point. |
601603 | CLI only supports configuring interfaces port1 to port4. |
602707 | Unable to add multiple alternate DNS names into certificate for user certificates. |
604156 | Packet captures on OCI seem to be corrupt. |
604924 | SAML SSO/Proxy metadata download fails with "invalid_xml". |
606562 | FortiAuthenticator rejects certificate signing requests from FortiGate client with invalid password error. |
615442 | No Kerberos ticket requests (negotiate) on encrypted HTTPS traffic from FortiAuthenticator. |
628815 | Remote SAML user import from Azure AD fails Authorization issue. |
630041 | FortiAuthenticator FSSO - TS Agent sessions stuck at zero after server reboot until FSSOTA service is restarted. |
631600 | SCEP request by certmonger can't be recognized by automatic enrollment request. |
632629 | Smart Connect WPA2-Personal profile fails when WPA2-Enterprise settings are left in place. |
632637 | Smart Connect missing the ability to forget an SSID. |
634084 | Cannot export third party signed certificate with private key when CSR is generated locally on FortiAuthenticator. |
635893 | Change password not working with Checkpoint VPN when 2FA is enabled. |
637028 | SSL connection failed in case of certificate expired error message is not explicit. |
637199 | Add default usage profiles. |
637290 | No FTM push notification with Windows agent 3.0. |
638374 | SCEP - Encryption/hash compatibility with clients. |
645043 | GUI does not show certificate UPN. |
646299 | Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrades from 6.0.4 to 6.1.x fails, and hangs on "Waiting for Database". |
650215 | FortiAuthenticator Windows Agent 3.0 - New RDP connection by the same user is unable to finish due to blank login screen. |
652072 | When LDAP user password expired, user is not prompted for RSA token code (chained token authentication). |
655350 | The lockout policy does not apply to username/token submissions to the /auth API endpoint. |
657522 | SAML authentication fails when AD display name contains a coma (,) and user has admin role. |
660357 | FSSO FortiGate IP filter ignored when global group prefilter is enabled. |
666571 | ";Portal was not found in the session" when registering a guest with non-ASCII characters "Umlauts". |
666636 | Wrong group attributes indicator in RADIUS policy response table for EAP-TLS. |
666782 | If local CA is selected for EAP and no EAP server certificate is present on FortiAuthenticator, radiusd keeps crashing after upgrading to 6.2.0. |
666880 | GUI - Hide SNMP trap option for PSU monitoring for unsupported devices. |
668337 | Allowed hosts configuration through CLI is not reflected in GUI before reboot. |
668916 | Subdomain users can authenticate over FortiAuthenticator Agent installed on workstation in main domain without the token code. |
669054 | Can't install FAC-VM-HV 6.2.0 on server 2012 R2. |
669079 | HTTPS certificate chain is inconsistent/incorrect. |
670811 | Issues with remote SAML user import from Azure AD. |
670827 | FortiGate filtering stops any users sent to FortiGate even though users are member of group/container. |
671345 | FortiAuthenticator Windows Agent prompts for token despite incorrect password, and then does not prompt for user credentials again. |
672750 | When trying to access to self service portal, error "Please enter correct credentials. Note password is case-sensitive" is randomly displayed. |
672987 | After upgrading FortiAuthenticator from 5.4 to 6.x, Apple devices cannot load the FortiAuthenticator captive portal via the system pop-up only. |
673151 | Domain controller query status shows failed with successful queries. |
673303 | Fine-grained menu content has misaligned pointer in SSO/General. |
673319 | Admin cannot log in to approve the self-registration when group filters are set without admin user in Guest Portal policy. |