topic Normalize domain name received from XML API user mapping source in Automation/API Discussions https://live.paloaltonetworks.com/t5/automation-api-discussions/normalize-domain-name-received-from-xml-api-user-mapping-source/m-p/252708#M1876 <P><SPAN>We use Cloudpath enrollment system to onboard wireless clients. Cloudpath sends user mapping information to our Palo Alto firewalls using XML API. The issue is that Cloudpath uses the certificate template name as the domain name / netbios_domain. For example a user who's mapping is received through AD would show as netbios_domain\username but the XML API received users show as cert_</SPAN><A href="https://template.domain.edu/" target="_blank" rel="noopener">template.domain.edu</A><SPAN>\username. This means the security policy rules that use group mapping are not properly applied to wireless users. If possible we would like to normalize the usernames received from Cloudpath via XML API to the same netbios_domain\username as our AD usernames in order for the policies that use the AD group mapping to be applied appropriately. Is there a way to accomplish this?</SPAN></P> Thu, 07 Mar 2019 15:38:27 GMT charles.thompson 2019-03-07T15:38:27Z Normalize domain name received from XML API user mapping source https://live.paloaltonetworks.com/t5/automation-api-discussions/normalize-domain-name-received-from-xml-api-user-mapping-source/m-p/252708#M1876 <P><SPAN>We use Cloudpath enrollment system to onboard wireless clients. Cloudpath sends user mapping information to our Palo Alto firewalls using XML API. The issue is that Cloudpath uses the certificate template name as the domain name / netbios_domain. For example a user who's mapping is received through AD would show as netbios_domain\username but the XML API received users show as cert_</SPAN><A href="https://template.domain.edu/" target="_blank" rel="noopener">template.domain.edu</A><SPAN>\username. This means the security policy rules that use group mapping are not properly applied to wireless users. If possible we would like to normalize the usernames received from Cloudpath via XML API to the same netbios_domain\username as our AD usernames in order for the policies that use the AD group mapping to be applied appropriately. Is there a way to accomplish this?</SPAN></P> Thu, 07 Mar 2019 15:38:27 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/normalize-domain-name-received-from-xml-api-user-mapping-source/m-p/252708#M1876 charles.thompson 2019-03-07T15:38:27Z