FortiAuthenticator Agent with group exclusion is throwing a COMException error when accessing AD to check group membership.

FortiAuthenticator memory usage showing in the widget is not matching with memory usage from SNMP (facSysMemUsage).

FortiAuthenticator SSO database is not updating on time when domain users switch from wireless to wired or vice versa.

Selecting Cloud option for group membership on SAML SP and will display 500 error if we do not select an OAuth server.

Usage Profile TIME USAGE=Time used is not triggering COA or disconnect request to FortiGate.

Occasionally, multiple SMS are received after LDAP user import instead of just one.

When creating CA certficiate debug logs sometimes show error.

Custom RADIUS attributes disappear on HA secondary after failover and we get 500 crash when clicking the RADIUS policy.

DB issue if power down during a short window when booting from the factory reset.

TACACS+ attribute value pair for authorization services shows undefined entries.

KVM model does not obey hypervisor soft restart/shutdown commands.

FIDO users status bug on SAML.

FortiAuthenticator GUI/captive portal access freezes and becomes unresponsive during peak hours.

TACACS+ failed authentications not counting towards IP lockouts.

Recovery password and recovery token fail to send alternative email address.

It takes a long time for FortiAuthenticator to reflect active certificates in the GUI after successful SCEP enrollment request.

Not able to view supported methods and available fields using /schema at the end of the endpoint.

Certificate GUI filter by status times out when there are thousands of revoked certificates.

Select All checkbox for Remote User Sync rule does not select all rules for Firefox without private window.

Self-service portal password change fails for remote LDAP users if UPN format is used.

Token bypass not working for FIDO enabled self-service portal.

SCEP Get CA requests intermittently fail under high SCEP load.

FortiAuthenticator fails send out COA disconnect to FortiGate.

IP lockout not being logged in on FortiAuthenticator logs.

Incorrect FIDO token does not count towards user lockout.

Unable to use FortiAuthenticator images in System replacement messages.

TACACS+ authentication fails when the authentication process takes long.

SNMP v3 with non-ENG letter pass gives authentication failed.

FortiAuthenticator ignores the groups filtering rules and send all SSO groups to FortiGate if FortiGate is configured with FQDN.

FortiAuthenticator does not support admin OIDs from FORTINET-CORE-MIB properly.

FortiAuthenticator as LDAP server; logs show LDAP_FAC in the Source IP field.

Changing from maint-mode-no-sync to maint-mode-sync does not restore syncing.

It show 403 Forbidden while do SAML authentication after OAuth succeeds.

Power supplies show voltage input fault on both CLI and GUI.

FortiNAC can overwhelm FortiAuthenticator with 'many' TACACS+ logins on the same service account.

Admin password recheck issues.

Local services cannot use cert with >97 character subject length.

Portal policy realms table values are in the wrong column.

RADIUS attribute name should be only unique within the dictionary, not across all dictionaries.

NTLM authentication does not work with child domain.

500 error when launching a Smart Connect profile that contains a CSR for Android.

REST API /api/v1/tacpluspolicyclient/ endpoint does not recognize policy_name or client_name parameters.

FortiAuthenticator Remote User Sync rules - Set Group Filter not working if OU have special characters in name, e.g., ( , ) , +.

FortiAuthenticator HA device with low priority is stays as primary.

Upgrading FortiAuthenticator in HA-LB removes the MAC-address records form the LB node.

Smart Connect for Android running on version 12 and 13 never installed the configuration profile.

LDAP disconnects every few seconds.

Windows log events in FSSO are dropping after some time.

Single group is passed by FortiAuthenticator as an IdP when FIDO only authentication is used in SP settings.

FortiAuthenticator HA is out of sync and web server crashes when clicking on Packet Capture with 500 Internal server error.

AP HA secondary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

User account extension gives CSRF token missing or incorrect.