Resolved issues
The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit FortiCloud.
Bug ID |
Description |
---|---|
904022 |
Revoked certificates still count against FortiAuthenticator license counts. |
910417 |
|
878828 |
After a reboot, FortiAuthenticator shows |
902466 |
OAuth authentication fails when user is administrator on FortiAuthenticator. |
861557 |
FortiAuthenticator remote user sync rules - Set Group Filter not working if OU has special characters in name, e.g., ( , ) , +. |
908291 |
FortiAuthenticator does not properly revoke a user certificate. |
881296 |
SNMP v3 with non-ENG letter pass gives authentication failed. |
901259 |
Issues accessing FortiAuthenticator via DNAT-ed IP address. |
899791 |
Radius Attributes option is not visible under local users when logged in with a user having full access set in admin profile. |
904790 |
In a captive portal, clicking Register then Cancel gives error 404. |
848434 |
Usability of User Group GUI. |
869768 |
Unable to delete a user group. |
905143 |
SAML logout returns |
808748 |
Self-service portal password change fails for remote LDAP users if UPN format is used. |
892321 |
FortiAuthenticator does not show the list of local users correctly after upgrading to 6.5.0. |
890072 |
Incorrect warning message when deleting a remote user sync rule. |
837728 |
Local services cannot use a certificate with >97 character subject length. |
892306 |
Local users view does not display the complete group name. |
850023 |
HA Cluster not forming due to differing smartconnect primary key name (upgrade path mismatch, but should work). |
884902 |
Unable to import 10k plus groups from Azure via SAML in FortiAuthenticator. |
862394 |
In FortiAuthenticator CLI, a user can change DNS addresses even if we assign |
901185 |
FortiAuthenticator radiusd crashes with complete authentication failure seen with certain high volume EAP traffic patterns. |
838976 |
Windows log events in FSSO are dropping after some time. |
893632 |
FortiAuthenticator unable to decode assertion after upgrading to 6.5.0. |
899505 |
Unable to provision FortiToken Mobiles on FortiAuthenticator 200E/400E/3000E in 6.5.0/6.5.1. |
854050 |
It takes a long time for FortiAuthenticator to reflect active certificates in the GUI after successful SCEP enrollment request. |
892944 |
Windows and OWA Agent stopped working after upgrade to 6.5.0. |
866392 |
FortiAuthenticator GUI/captive portal access freezes/become unresponsive during peak hours. |
873050 |
403 Forbidden error while doing SAML authentication after OAuth succeeds. |
901109 |
WAD-enforced admin/service access rules: Admin access does not apply to the HA admin interface. |
878673 |
Certificate GUI filter by status times out when there are thousands of revoked certificates. |
904049 |
The copy button does not work on the 500 error page. |
902515 |
Device reboots before configuration backup finishes downloading the firmware upgrade. |
908157 |
Unable to export guest users in Firefox. |
906588 |
GUI crashes when you click Create New in the Services tab in Authentication >TACACS+ Service > Authorization. |
898767 |
Use proper and consistent casing for OAuth. |
903771 |
LDAP user profile view in the self-service portal is broken. |
899909 |
Exception in the Result window in Self-service > Password Change. |
603105 |
LDAP user import uses server IP from DB despite browser using/showing unsaved one. |
877745 |
Javascript errors being thrown by all(?) search filters. |
874285 |
Unable to use FortiAuthenticator images in System replacement messages. |
889196 |
SAML sync rule groups input should be disabled when no server is selected. |
741765 |
REST API |
901111 |
WAD-enforced admin/service access rules stop applying when the interface IP address is changed. |
903356 |
Rebooting cluster passive node breaks application of new settings if the role remains unchanged. |
903163 |
CLI pre-authentication warning is not applied when the setting is only toggled on. Note: Toggling off works. Changing the warning message may make the CLI pre-authentication warnings to work. |
900916 |
WAD-enforced admin/service access rule only applies to the first four interfaces; rest still enforced in Python. |
865372 |
FortiNAC can overwhelm FortiAuthenticator with many TACACS+ logins on the same service account. |
887938 |
Read-only profile page does not show the correct information. |
870942 |
Return proper responses to HTTP OPTIONS requests. |
891245 |
[3rd party component upgrade required for security reasons] FortiAuthenticator - |
872779 |
[3rd party component upgrade required for security reasons] FortiAuthenticator - |
907192 |
GUI crash in OAuth authorization when no scope is provided to FortiAuthenticator. |
874256 |
Failed FIDO token authentication and reauthentication FIDO token using SP SAML portal causes error occurred. |
911436 |
Clicking Enter during verification field on Account Registration resends the code rather than submitting the code. |
897201 |
The inbound proxy feature does not work when Get proxy IP from FORWARDED HTTP header is enabled. |
907204 |
No error message reported when LDAP password reset via email/security question is rejected by the remote LDAP server. |
911038 |
Remote LDAP user unable to use Smart Connect. |
911381 |
|
907788 |
Upgrading the HA cluster from 6.4.7 GA to latest 6.5.2 build (1315) causes FortiToken Cloud license error in the License widget. |
910022 |
403 error when trying to do SAML logout with Use ACS URL from SP authentication request enabled. |
904565 |
Multiple TACACS+ authentications within a few seconds result in error if the user contains a rule. |
868829 |
IP lockout not being logged in on FortiAuthenticator logs. |
905670 |
FortiAuthenticator should not send out authentication requests for disabled TACACS+ users. |
861027 |
RADIUS attribute name should be only unique within the dictionary, not across all dictionaries. |
868836 |
TACACS+ failed authentications not counting towards IP lockouts. |
894106 |
Deleting an OAuth portal triggers 500 Error. |
900570 |
400 error when using LDAP custom attribute in the SAML SP initiated login. |
876703 |
Unable to view supported methods and available fields using |
900124 |
User lookup never displays the first few users. |
897728 |
Inbound proxy settings - GUI allows submitting duplicate values in FORWARDED by values. |
898621 |
Group membership text is misaligned when there are large number of groups in the SAML session. |
787852 |
TACACS+ attribute value pair for authorization services shows undefined entries. |
850906 |
If the user has only an email token for it's second factor authentication, and the portal has Allow users to temporarily use email token authentication if an email was pre-configured enabled under Fortitoken Revocation, the user should not be able to use Switch to email token authentication. |
877815 |
SAML IdP IAM button should not be displayed if the SAML IdP portal is disabled. |
889706 |
FortiAuthenticator Remote user sync rules - Test filter not working if OU has special characters in name, e.g., ( , ) , +. |
905076 |
Deprovisioning FortiToken Cloud token causes |
895125 |
In SAML IdP and SP login portals, specifying a realm that does not exist triggers 500 error. |
901732 |
Unable to reset password for remote user on self-service/captive portal. |
905391 |
FortiAuthenticator as SAML IdP not returning remote LDAP groups in SAML assertions. |
884316 |
SAML IdP Login Success Page: last login information not shown when the previous IdP session was cleared. |
870678 |
Recovery password and recovery token fails to send alternative email address. |
907162 |
FortiToken Cloud status should show |
680776 |
AP HA secondary cannot change the mgmt interface access configuration, and the option does not sync from the primary either. |