Usage Profile 'TIME USAGE=Time used' is not triggering COA or disconnect request to FortiGate.

SSL connection fails if the certificate expired issue is not explicit enough.

Locked out user account should have status as disbled in user lookup page.

When FortiAuthenticator has RADIUS client set as subnet, RADIUS accounting disconnect messages are not sent.

AP HA secondary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

Unable to resolve the username if the primary LDAP connection is down.

SCEP Get CA requests intermittently fails under high SCEP load.

FortiAuthenticator as LDAP server cannot export admin users from the local user base.

FortiAuthenticator does not support admin OIDs from FORTINET-CORE-MIB properly.

Enable Django auto-translation for any end user pages.

FIDO2 authentication not compatible with Apple's WiFi popup.

SNMP facSysCpuUsage returns wrong type.

A-P cluster, it forms when configured from the GUI, it does not when configured from CLI without a restart.

Revoking of certificate is not seen with OCSP until FortiAuthenticator reboots.

Enable/disable FortiToken Cloud push notification button shuts down all the authentication methods.

When an admin with 2FA tries to authentcate to the CLI, before being prompted for the token code, an "Access denied" message is shown. Once the token is typed in, the auth goes through.

RADIUS client cannot connect to the RADIUS server caused by an unknown client.

Changing the username attribute will cause the remote sync rule to remove existing remote users and eventually reimport them.

Sometimes(randomly) FortiAuthenticator fails to send email notification.

Password not defined after importing users from LDAP as a local user via sync rule.

E-mail address does not appear in the logs after social login authentication.

Captive portal loops between /portal/server?, 200 OK to /portal/login/server? 302 OK back to /portal/server? on Chrome browsers.

FIDO key user should have information in User Lookup.

Automatic CRL download error with two Identical DN.

Remote SAML user sync rule creates one log entry for every SAML user assgined FortiToken Mobile every time the SAML sync occurs.

FortiAuthenticator 6.4.1 GA SAML Logout fails.

FortiAuthenticator supports Zero Trust tunnels to multiple remote LDAP servers through one FortiGate only.

FortiAuthenticator license file is too large for AWS.

Self-service portal password change fails for remote LDAP users if UPN format is used.

Country code selection for guest portal user registration on iOS selects incorrect country prefix.

TACACS consuming CPU resources 100% with zero connections.

FortiAuthenticator does not log an error when it cannot communicate to an external SMS provider due to invalid or expired certificate.

Unable to import LDAP user from GUI by using IBM Lotus Domino LDAP.

DB issue if power down during a short window when booting from factory reset.

Hide RADIUS attribute substring match option for non-string types.

Unable to set Group Filter for remote user group.

Registering an already existing username on Legacy Self-serve Portal triggers 500 error.

"Users and Devices" permission set does not allow to import remote LDAP users.

"Users Audit Report" does not update timestamps in the "Last Used" Column for EAP-TLS authentication used for Wireless.

Username is not populated in Logs, when changes are done via API in FortiAuthenticator.

Ukrainian language pack is added but the legacy self-service portal shows some parts in English and some in Ukraine.

Revoked intermediate CA are shown in the GUI as used per license.

After configuring initial IP settings in CLI, https GUI access does not work.

Local services: Unable to use certificates when the subject length is more than 97 characters.

Despite DH modulus regeneration and device reboot, DH modulus is still equal to 2048 bits (256 bytes) instead of 4096 bits (512 bytes).

Captive portal automatic log in after successful user verification is failing.

Unable to import Guest users using CSV format in FortiAuthenticator.

Chained token authentication fails with self service portal.