This article illustrates the issue where the connection status to AD is successful, but the AD connector status is down.
The connector settings are configured as below:
Run the following debug commands to check for the error message:
# diag deb authd fsso -1
# diag deb en
The debug output shows the error message ‘wrong format of data status, len 8 <> 4’.
However, the same output shows that the authentication is successful:
Solution
The username in the FSSO Connector Settings should not include the domain. Remove the domain portion from the username in the Connector Settings:
Turn the debug on again to verify that the connection proceeds as expected:
The debug log above shows that the LOGON info is transmitted correctly.
The FortiGate GUI also shows that the connector connectivity is up and successful:
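As an added example (not part of the original article and not Fortinet code), the check below scans a FortiOS configuration backup for connector usernames that still carry a domain qualifier, the misconfiguration described in the Solution. It assumes the connector is a Poll Active Directory Server entry stored under `config user fsso-polling`; the sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample in FortiOS backup syntax (not taken from the article).
# Assumption: the connector is stored under "config user fsso-polling".
SAMPLE_CONFIG = r'''
config user fsso-polling
    edit 1
        set server "192.0.2.10"
        set user "EXAMPLE\\svc_fsso"
        config adgrp
            edit "CN=VPN,DC=example,DC=local"
            next
        end
    next
    edit 2
        set server "192.0.2.11"
        set user "svc_fsso@example.local"
    next
    edit 3
        set server "192.0.2.12"
        set user "svc_fsso"
    next
end
'''

def bare_username(value):
    """Strip a DOMAIN\\ prefix or an @domain suffix from a username."""
    return value.rsplit("\\", 1)[-1].split("@", 1)[0]

def find_domain_qualified_users(config_text):
    """Return (entry id, configured user, suggested user) per offending entry."""
    findings, in_section, depth, entry = [], False, 0, None
    for line in (l.strip() for l in config_text.splitlines()):
        if line == "config user fsso-polling":
            in_section, depth = True, 0
        elif not in_section:
            continue
        elif line.startswith("config "):
            depth += 1                        # nested table, e.g. adgrp
        elif line == "end":                   # closes nested table or section
            in_section, depth = (depth > 0), max(depth - 1, 0)
        elif depth == 0 and line.startswith("edit "):
            entry = line.split(None, 1)[1].strip('"')
        elif depth == 0 and (m := re.fullmatch(r'set user "(.*)"', line)):
            user = m.group(1).replace("\\\\", "\\")   # undo backup escaping
            if bare_username(user) != user:
                findings.append((entry, user, bare_username(user)))
    return findings

if __name__ == "__main__":
    for entry, user, fixed in find_domain_qualified_users(SAMPLE_CONFIG):
        print(f"fsso-polling entry {entry}: '{user}' -> use '{fixed}'")
```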