https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309919#M80275 <P>Hi, Matt.&nbsp;</P><P>&nbsp;</P><P>Thanks for your response.&nbsp;</P><P>&nbsp;</P><P>Yes, I have deleted it last week. Now, my "user domain" space is blank. I have followed the documentation.</P><P>&nbsp;</P><P>I have both the groups and users un NETBIOS format (netbios\group, netbios\user). But it continues without matching.&nbsp;</P><P>&nbsp;</P><P>Thought was the policy, but when I change the specific group to "Known User" the policy starts to log traffic. So based on that I conclude that the FW is not seeing the users within the group.&nbsp;</P><P>&nbsp;</P><P>Regards,&nbsp;</P> Thu, 06 Feb 2020 22:28:08 GMT iscott 2020-02-06T22:28:08Z https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309859#M80265 <P>Hello,&nbsp;</P><P>&nbsp;</P><P>I have a problem with authentication. I have configured a PAN integrated agent.&nbsp;</P><P>&nbsp;</P><P>I can see users authenticated. At the same time, the firewall is getting the groups from AD. But for some reason, the users are not matching with the groups. So the policy based on the group that I configure is not logging traffic.</P><P>&nbsp;</P><P>Users and groups are in NETBIOS format.&nbsp;</P><P>&nbsp;</P><P>Regards,&nbsp;&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 06 Feb 2020 17:40:39 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309859#M80265 iscott 2020-02-06T17:40:39Z https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309912#M80273 <P>I recently had an issue where I could see my AD groups and apply them to policies.. but it seemed like the users were not being enumerated and consequently the policy was not being applied. It turned out to be a domain name mismatch.&nbsp;</P><P>&nbsp;</P><P>My AD groups as appearing in policy looked like this:&nbsp; domain\user</P><P>But my users were being enumerated as: domain.local\user</P><P>&nbsp;</P><P>I ended having to change the remove the ".local" domain suffix in the user ID group mapping setting.&nbsp; Once that happened, the policies started to apply to the group members themselves. Not sure if this is what you are seeing, but a place to check!</P><P>&nbsp;</P><P>Device &gt; User Identification &gt; Group Mapping Setting&nbsp;</P> Thu, 06 Feb 2020 22:13:53 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309912#M80273 MattRathbun 2020-02-06T22:13:53Z https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309919#M80275 <P>Hi, Matt.&nbsp;</P><P>&nbsp;</P><P>Thanks for your response.&nbsp;</P><P>&nbsp;</P><P>Yes, I have deleted it last week. Now, my "user domain" space is blank. I have followed the documentation.</P><P>&nbsp;</P><P>I have both the groups and users un NETBIOS format (netbios\group, netbios\user). But it continues without matching.&nbsp;</P><P>&nbsp;</P><P>Thought was the policy, but when I change the specific group to "Known User" the policy starts to log traffic. So based on that I conclude that the FW is not seeing the users within the group.&nbsp;</P><P>&nbsp;</P><P>Regards,&nbsp;</P> Thu, 06 Feb 2020 22:28:08 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/309919#M80275 iscott 2020-02-06T22:28:08Z https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/311244#M80557 <P>Hello,</P><P>&nbsp;</P><P>About this case.</P><P>&nbsp;</P><P>I don't know why in Group Mapping configuration was a "sAMAccountName" configured in the Group Objects.</P><P>&nbsp;</P><P>Were necessary to create a new Group Mapping with the "Search Filter" blank.&nbsp;</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="iscott_0-1581691930988.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/23970i03F99EAF8FA6395C/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="iscott_0-1581691930988.png" alt="iscott_0-1581691930988.png" /></span></P><P>&nbsp;</P><P>It began to work after that change.</P><P>&nbsp;</P><P>Regards,</P> Fri, 14 Feb 2020 14:50:35 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-users-are-not-matching-with-groups/m-p/311244#M80557 iscott 2020-02-14T14:50:35Z