Security_group_dn=CN=VPN_Users,OU=Security Groups,DC=domain,DC=local Complete documentation about the Duo Auth Proxy can be found here: I missed the radius_server_auto section of the config, here’s the whole thing: cat authproxy.cfg The same expired password tests for an AD configured ldap in Fortigate work. Ssl_ca_certs_file=conf/ssl/MYDOMAIN-LDAPS-CA.pemĮverything is working as expected via Fortigate, both ssl vpn auth and testing auth at the command line using “ diagnose test authserver ldap Duo ” However, when testing using a user with an expired or forced changed password I get a failed message.
Ldap_filter=(|(memberOf=CN=VPN_Users,OU=Security Groups,DC=mydomain,DC=local))
Security_group_dn=CN=VPN_Users,OU=Security Groups,DC=mydomain,DC=local I’ve been reading docs and I reconfigured Duo to use ldaps instead of radius for Fortigate auth in hopes of getting expired password change functionality working.
0 kommentar(er)
