Ship Windows Agent 3.8 with FortiAuthenticator 6.4.0.

Case sensitivity is ignored by REST API rate limit feature.

A-P cluster: Link down status of the monitored interface does not trigger failover.

Improve FortiAuthenticator logging on failure to send push notifications.

Built-in Big Switch Network RADIUS attributes fail to send ACCESS-ACCEPT.

Local cert for GUI rejected despite SAN field.

Error when importing a remote LDAP user.

Smart Connect WPA2-Personal profile fails when WPA2-Enterprise settings are left in place.

FortiAuthenticator only applies one captive portal policy and ignores RADIUS client IP/AP IP in portal policy selection.

Update 6.3.1 produces 503 server error for GUI under heavy SCEP traffic.

Unable to expand FortiAuthenticator "data drive" beyond 2 TB.

Octet/ASCII conversion for all RADIUS attribute-value pair inputs.

Concatenated style OTP is not working with Windows-AD authentication being enabled.

MAC address parameter in portal policy should only allow MAC addresses.

Allow deletion of the expired user and the local service certificates.

Local users export/import feature does not work if bcrypt hash is used.

Proxy allowlist input visible when "Configure valid FORWARDED by values" is not checked.

Unable to get DN when creating an LDAP server.

Double crash in 500 error.

SAML configuration requires domain name with ".", but does not warn.

Poor handling and usability in Self Service Portal > Pre-login > Register New User.

SAML local override user does not work.

Test SMS does not work when adding a gateway.

Clickable area extends beyond the buttons in the Self-service Portal.

Better error display for FortiToken mobile when FortiAuthenticator does not have a license.

Portal policy changes in the RADIUS response does not take effect.

Unable to save portal policy with "NA - stay in login page" selected.

Unable to delete SSO Filtering Objects.

Revisit categories mentioned in the download "Debug Report" dropdown.

The firmware certificate should not be allowed to be selected in the GUI.

FortiAuthenticator built-in redirect page allows manual entry of page title and unformatted text content.

Leaving form with unsaved data often leads to error 404.

Revisit authentication labels tagged with the keyword "RADIUS".

18120 should not be allowed in the Authentication port.

Improve the SNMP GUI.

User Registration Receipt Email Message in Authentication > Portals > Replacement Messages needs formatting.

Updating the common name in a remote sync rule does not update the FortiAuthenticator user cert binding common name on subsequent synchronizations.

Libxml2 2.9.11 security fixes - Precaution upgrade.

Unable to edit secondary cluster member's HA settings.

MAC device belonging to user setting resets to no user after updating it from API.

Internal server error in the self-service portal remote RADIUS user profile.

Unable to import remote users from the remote LDAP server page.

Imported remote LDAP users do not appear in the remote LDAP users section until the page is refreshed.

500 internal server error when using the test filter in a remote user sync rule.

Switch SAML SP Azure APIs to use Microsoft Graph instead of the Azure Active Directory graph.

REST API rate limit feature does not distinguish between users with the same username but different realms.

Remote admin users should be able to log in to FortiAuthenticator without prefixing their realms.

Unable to make any changes to user information in self-service portal 500 error.

email_admin FortiAuthenticator login and CLI issues.

Two cancel buttons on Force Password Change page.

Revoking user certificate creates a blank dialog.

Unable to edit security questions through the legacy self-service portal.

Admin profile for "Maintenance" can disable admins and regular users.

New Fortinet RADIUS VSA for FortiPortal (Fortinet-Fpc-Tenant-User-Sites) 42.

Crash when using too many diacritic characters in the name field.

User can exceed the limited amount of MAC devices created per user.

TACACS import clients from GUI need to be more robust.

Remote LDAP sync rules should not be able to sync usernames with special characters as admins.

Admin profile for "Portals" cannot access the help button.

The cancel button on the user page for LDAP Remote Authentication should close the dialog.

FortiAuthenticator allows invalid group assignment when importing users via CSV file.

HA Cluster not able to access management port IP address.

SAML user filter does not work.

SAML "Remote user sync rule" overwrites manually entered user information even when the imported data is blank.

Test token code is missing the username in the email sent out.

Adding a permission set through the user page does not appear until the page is refreshed.

Relabel 'Ha' to 'HA' in the HA Settings page.

Restrict number of API requests should not be able to have empty value.

Remote user sync rule GUI logs show failed message even though user successfully syncs.

Purge disabled users feature does not work.

FortiBootloader firmware upgrade to 6.1.0 and later.

RADIUS proxy setup fails when the push notification is enabled on remote RADIUS.

RADIUS crashes if it receives a RADIUS packet with State=1, but the user is not previously authenticated.