The following list contains new and expanded features added in FortiAuthenticator 6.1.1.
To better support O365 Azure/ADFS hybrid environments, a new LDAP/ms-DS-ConsistencyGuid option is available in the Subject NameID dropdown in Authentication > SAML IdP > Service Providers when adding or editing a service provider.
This feature offers the ability to adjust the default HA failover parameters when a FortiAuthenticator is configured as an HA standalone primary cluster member:
- Heartbeat interval: Number of milliseconds between each HA heartbeats sent to the other primary cluster member. The default value is 1000 milliseconds.
- Heartbeat lost threshold: Number of consecutive heartbeats from the other primary cluster member that must be missed before declaring it out-of-service. The standby unit uses this measure to trigger a failover. The default value is 6.
You can modify these settings at System > Administration > High Availability or in the CLI.
FortiAuthenticator now sends the FortiToken Mobile push request to a FortiGuard/FortiCloud push proxy.
In order to support the FTM push feature, FortiAuthenticator must be able to reach push.fortinet.com over TCP/443.