Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.
Bug ID |
Description |
---|---|
566145 |
Usage Profile |
620127 |
Changing from |
680776 |
AP HA secondary cannot change the |
694664 |
FortiAuthenticator Agent with group exclusion is throwing a |
741765 |
REST API |
743775 |
SCEP Get CA requests intermittently fail under high SCEP load. |
751108 |
FortiAuthenticator does not support admin OIDs from |
755752 |
Power supplies show voltage input fault on both CLI and GUI. |
775006 |
Occasionally, multiple SMS are received after LDAP user import instead of just one. |
780558 |
Creating CA certificate debug logs sometime shows error. |
781832 |
Token bypass not working for FIDO enabled self-service portal. |
787852 |
TACACS+ attribute value pair for authorization services shows undefined entries. |
801933 |
FortiAuthenticator as LDAP server; logs shows |
805969 |
FortiAuthenticator supports Zero Trust tunnels to multiple remote LDAP servers through one FortiGate only. |
808748 |
Self-service portal password change fails for remote LDAP users if UPN format is used. |
814255 |
Custom RADIUS attributes disappear on HA secondary after failover and we get 500 crash when clicking on a RADIUS policy. |
816070 |
DB issue if power down during a short window when booting from factory reset. |
837728 |
Local services cannot use cert with >97 character subject length. |
837791 |
TACACS+ authentication fails when the authentication process takes long. |
838976 |
Windows log events in FSSO are dropping after some time. |
842886 |
Upgrading FortiAuthenticator in HA-LB removes the MAC-address records form the LB node. |
843334 |
KVM model does not obey hypervisor soft restart/shutdown commands. |
850023 |
HA Cluster not forming due to differing smartconnect primary key name (upgrade path mismatch, but should work). |
854050 |
It takes a long time for FortiAuthenticator to reflect active certificates in the GUI after successful SCEP enrollment request. |
857399 |
FortiAuthenticator fails to send COA disconnect to FortiGate. |
861027 |
RADIUS attribute name should be only unique within the dictionary, not across all dictionaries. |
861112 |
NTLM authentication does not work with child domain. |
861557 |
FortiAuthenticator remote user sync rules - Set Group Filter not working if OU has special characters in name, e.g., |
861611 |
Smart Connect for Android running on version 12 and 13 never installed the configuration profile. |
863635 |
FIDO users status bug on SAML. |
865372 |
FortiNAC can overwhelm FortiAuthenticator with 'many' TACACS+ logins on the same service account. |
866392 |
FortiAuthenticator GUI/captive portal access freezes/become unresponsive during peak hours. |
866709 |
Admin password recheck issues. |
868810 |
FortiAuthenticator HA device with low priority stays primary. |
868829 |
IP lockout not being logged in on FortiAuthenticator logs. |
868836 |
TACACS+ failed authentications not counting towards IP lockouts. |
869867 |
FortiAuthenticator SSO database is not updating in a timely manner, when domain users switch from wireless to wired or vice versa. |
870678 |
Recovery password and recovery token fails to send alternative email address. |
871196 |
LDAP disconnects every few seconds. |
871533 |
Incorrect FIDO token does not count towards user lockout. |
872920 |
Portal policy realms table values are in the wrong column. |
873050 |
403 Forbidden error while doing SAML authentication after OAuth succeeds. |
873972 |
Single group is passed by FortiAuthenticator as an IdP when FIDO- only authentication is used in the SP setting. |
874285 |
Unable to use FortiAuthenticator images in System replacement messages. |
875536 |
User account extension gives |
876009 |
FortiAuthenticator ignores the groups filtering rules and sends all SSO groups to FortiGate if the FortiGate is configured with FQDN. |
876703 |
Unable to view supported methods and available fields using |
876897 |
FortiAuthenticator memory usage showing in the widget is not matching with memory usage from SNMP ( |
877432 |
Selecting Cloud option for group membership on SAML SP displays 500 error if we do not select an oauth server. |
878665 |
500 error when launching a Smart Connect profile that contains a CSR for Android. |
878673 |
Certificate GUI filter by status times out when there are thousands of revoked certificates. |
879570 |
Select All checkbox for remote user sync rule does not select all rules in Firefox without private window. |
881296 |
SNMP v3 with non-ENG letter pass gives Auth failed. |
882098 |
FortiAuthenticator HA is out of sync and the web server crashes when clicking on Packet Capture with 500 Internal server error. |
899505 |
Unable to provision FortiToken Mobiles on FortiAuthenticator 200E/400E/3000E in 6.5.0/6.5.1. |
900916 |
WAD-enforced administrator/service access rules are only applied to the first four interfaces. The rest is still handled in Python. |