Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.
Bug ID |
Description |
---|---|
764250 |
Bug in self-registration of tokens and SMS registration cannot be disabled, although the option is available. |
764256 |
FSSO - LDAP user/group lookup is broken by addition of remote LDAP for computer-based authentication. |
763568 |
The timestamp of the account status for lockout is Greenwich Mean Time 00:00 regardless of system time. |
752627 |
Token transfer fails if includes deprovisioned token(registration id = null) and FortiAuthenticator throws an unknown error. |
759691 |
FSSO self-service portal does not create FSSO session upon end user login. |
706701 |
FortiAuthenticator cluster is inconsistently accessible via HA interfaces from outside the HA subnet. |
746567 |
Importing Local Users from CSV - FortiAuthenticator LB shows 'In Sync with Anomalies'. |
745497 |
Kerberos not working for AES. |
676985 |
Cannot import all FTK hardware tokens from the same purchase order; need to add them all manually. |
665384 |
HA failover does not work reliably after maintenance mode is disabled on the high priority node. |
754943 |
FortiAuthenticator users certs marked as revoked even after expiry date. Deleting is prohibited for some and it produces browser's console errors. |
756782 |
FortiAuthenticator GUI cannot show how many users on every group. |
758516 |
FortiAuthenticator HA: cluster out of sync if custom RADIUS dictionary is uploaded; auth breaks. |
757968 |
/api/v1/pushauth/: the processing of the response is delayed. |
764147 |
Cloud-init: DHCP client stays resident rather than exiting after boot as intended. |
764092 |
Oauth setting permissions are missing. |
763026 |
No popup error if HA table mismatched. |
746405 |
LB HA primary locked SQL database around the same time the disk load-balancer became full. |
761702 |
Unable to properly config postgres for memory/cache if config backup is used. |
764179 |
Unable to change password of remote user unless imported in FortiAuthenticator. |
762262 |
Password reset does not work for remote LDAP user if the password contains 6 characters or less. |
763341 |
Dump when adding LDAP uid to a uid. |
690126 |
HA cluster with load balancer initial setup causes secondary cluster member to crash. |
506112 |
This post REST API call fails to activate the FortiGuard messaging license. |
613164 |
Google Workspace open LDAP crashes when we try to change password. |
761880 |
Trying to get OAuth authorization code for a user with a cloud FortiToken causes django to crash. |
761482 |
FIDO2 authentication not compatible with Apple's WiFi popup. |
755752 |
Power supplies show voltage input fault on both CLI and GUI. |
763997 |
Token challenge not sent to remote RADIUS server when TACACS+ is used with LDAP realm+ chained token. |
751108 |
FortiAuthenticator does not support admin OIDs from FORTINET-CORE-MIB properly. |
762203 |
FSSO Server restart takes too long when global pre-filter gets modified. |
761292 |
Azure remote IdP authentication fails if FortiAuthenticator FQDN contains upper case. |
676532 |
When FortiAuthenticator has a RADIUS client set as subnet; RADIUS accounting disconnect messages are not sent. |
758008 |
FortiAuthenticator joining domain and using the incorrect domain name (DNS) if the name is the same in several LDAP servers. |
749422 |
REST API script is unable to modify user's info when yubikey is assigned. |
757460 |
Enable Django auto-translation for any end-user pages. |
756777 |
Incorrect order of the fields displayed on change_password_remote page for remote users. |
566145 |
Usage Profile "TIME USAGE=Time used" is not triggering COA or a disconnect request to FortiGate. |
750134 |
FortiAuthenticator as LDAP server cannot export admin users from local user base. |
748862 |
Read-only admin profile cannot view local/remote users; error 500. |
655350 |
The lockout policy does not appear to apply to username/token submissions to the /auth API endpoint. |
646299 |
Nutanix AHV KVM based Hypervisor- upgrading FortiAuthenticator from 6.0.4 to 6.1.x fails and hangs on "Waiting for Database". |
643810 |
CLI restore-admin command needs improvement. |
638374 |
SCEP - Encryption/hash compatibility with clients. |
637028 |
SSL connection failed when the certificate expired issue is not explicit enough. |
745433 |
CLI 'execute backup config ftp' upload problem when a path is provided. |
677932 |
SCEP returns 200 on bad requests. |
745419 |
CLI 'execute backup config tftp' (also ftp) with encryption password does not result in encrypted backup. |
620127 |
Changing from maint-mode-no-sync to maint-mode-sync does not appear to restore syncing. |
757516 |
Local user CSV export does not handle commas. |
646764 |
CLI "get disk *" command fails on KVM. |
506543 |
500k+ users- Secondary's SNMP SQL query to obtain user count is obnoxiously slow (postgres needs vacuum full). |
742722 |
Remove SSO on legacy self-service portal. |
752408 |
Seek confirmation from FortiAuthenticator admin when restoring configuration via GUI. |
752409 |
Redirect FortiAuthenticator to a new IP when admin changes the IP through which s/he is accessing it in a browser. |
516357 |
LB - Toggling LB off and back on in an existing cluster can impact availability for hours/days. |
586813 |
Send SNMP trap when active HA master detects that passive unit stopped syncing. |
725800 |
IAM username validation not consistent in REST API. |
733323 |
PCI DSS 2FA shows different page for user that does not exist. |
733028 |
404 Not Found when we Resend email or SMS Message. |
723677 |
Failed auth after changing port on secure LDAP server locks radiusd and prevents it from being killed. |
561506 |
RADIUS auths fail if no port on FortiAuthenticator is assigned an IPv4 address. |
674164 |
Logging into the CLI with incorrect password on the HA secondary gives bunch of SQL errors. |
689458 |
HA cluster changing secret on primary to match secondary causes the webserver to crash on the secondary. |
550802 |
Data persistence for authentication activity widget. |
763973 |
Sponsor admin profile should be read-only. |
746611 |
RADIUS authentication delay causes 2FA failure. |