Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Release Notes

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

655350 The lockout policy does not appear to apply to username/token submissions to the /auth API endpoint.

606760

HA cluster and FortiAuthenticator GUI does not reflect correct HA status when the primary fails and the secondary becomes the new primary.

701758

Problem setting static IP address on a FortiAuthenticator-VM installed on a XenServer.

637028

SSL connection fails in case of the certificate expired issue is not explicit enough.

692839

Local cert for the GUI rejected despite SAN field.

697447

Octet/ASCII conversion for all RADIUS attribute-value pairs.

697969

SCEP errors displayed when there is no enrollment request from the client (FortiGate).

676985

Unable to import all FTK hardware tokens from the same purchase order; need to add them all manually.

526202

FortiAuthenticator does not check if the signature of CSR is valid.

669054

Unable to install FortiAuthenticator-VM-HV 6.2.0 on server 2012 R2.

709007

Error when importing a remote LDAP user.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrade from 6.0.4 to 6.1.x fail hangs on "Waiting for Database".

693151

Allow deletion of the expired user and the local service certificates.

638374

SCEP - Encryption/hash compatibility with clients.

676532

When FortiAuthenticator has a RADIUS client set as a subnet, RADIUS accounting disconnect messages are not sent.

632248

Unable to provide publisher details/assign code signing certificate to the Smart Connect profile.

592837

Sponsor accounts can add guest user accounts to non-guest groups.

680423

FortiAuthenticator Syslog FSSO injects speech mark (") around external user and group fields where none exist in the raw log.

710914

FortiAuthenticator limits various user fields to 30 characters, causing remote LDAP sync failures unexpectedly.

711940

Raid widget is showing wrong status.

709395

High CPU utilization by wmid process.

710931

Unable to import users by group membership from OpenLDAP when a group is added in an OU.

694303

Connection between FortiAuthenticator and the Active directory crashes; customer cannot access the device.

631600

SCEP request by certmonger cannot be recognized by automatic enrollment request.

695110

Corp FortiAuthenticator SAML login failure to mantis after VPN is disconnected.

712263

HTTP services - CRL Downloads (/cert/crl) enabled, but we still get warning that HTTP access needs to be enabled.

680776

AP HA primary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

709744

Script errors on logging in to Microsoft Teams using SAML (FortiAuthenticator as the idP).

685172

FortiAuthenticator A-P running in v6.2.1 does not sync with the secondary unit pre-authentication warning message, CLI and GUI timeout.

632239

Smart Connect should not require user to select the OS.

711675

Some users are not receiving push notification prompt on their mobile phone.

711676

Feature(monitors interface stability period) not visible on FortiAuthenticator HA cluster GUI.

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

655350 The lockout policy does not appear to apply to username/token submissions to the /auth API endpoint.

606760

HA cluster and FortiAuthenticator GUI does not reflect correct HA status when the primary fails and the secondary becomes the new primary.

701758

Problem setting static IP address on a FortiAuthenticator-VM installed on a XenServer.

637028

SSL connection fails in case of the certificate expired issue is not explicit enough.

692839

Local cert for the GUI rejected despite SAN field.

697447

Octet/ASCII conversion for all RADIUS attribute-value pairs.

697969

SCEP errors displayed when there is no enrollment request from the client (FortiGate).

676985

Unable to import all FTK hardware tokens from the same purchase order; need to add them all manually.

526202

FortiAuthenticator does not check if the signature of CSR is valid.

669054

Unable to install FortiAuthenticator-VM-HV 6.2.0 on server 2012 R2.

709007

Error when importing a remote LDAP user.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrade from 6.0.4 to 6.1.x fail hangs on "Waiting for Database".

693151

Allow deletion of the expired user and the local service certificates.

638374

SCEP - Encryption/hash compatibility with clients.

676532

When FortiAuthenticator has a RADIUS client set as a subnet, RADIUS accounting disconnect messages are not sent.

632248

Unable to provide publisher details/assign code signing certificate to the Smart Connect profile.

592837

Sponsor accounts can add guest user accounts to non-guest groups.

680423

FortiAuthenticator Syslog FSSO injects speech mark (") around external user and group fields where none exist in the raw log.

710914

FortiAuthenticator limits various user fields to 30 characters, causing remote LDAP sync failures unexpectedly.

711940

Raid widget is showing wrong status.

709395

High CPU utilization by wmid process.

710931

Unable to import users by group membership from OpenLDAP when a group is added in an OU.

694303

Connection between FortiAuthenticator and the Active directory crashes; customer cannot access the device.

631600

SCEP request by certmonger cannot be recognized by automatic enrollment request.

695110

Corp FortiAuthenticator SAML login failure to mantis after VPN is disconnected.

712263

HTTP services - CRL Downloads (/cert/crl) enabled, but we still get warning that HTTP access needs to be enabled.

680776

AP HA primary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

709744

Script errors on logging in to Microsoft Teams using SAML (FortiAuthenticator as the idP).

685172

FortiAuthenticator A-P running in v6.2.1 does not sync with the secondary unit pre-authentication warning message, CLI and GUI timeout.

632239

Smart Connect should not require user to select the OS.

711675

Some users are not receiving push notification prompt on their mobile phone.

711676

Feature(monitors interface stability period) not visible on FortiAuthenticator HA cluster GUI.