topic require admin users being member of LDAP groups in General Topics https://live.paloaltonetworks.com/t5/general-topics/require-admin-users-being-member-of-ldap-groups/m-p/418543#M93681 <P>Hello</P><P>We are using LDAP for authentication of the admin users (for Panorama as well as the firewall nodes).</P><P>Is it possible to adjust this, enforcing the user being a member of a specific AD group?</P><P>Last info found was regarding PAN-OS 8.1 (<A href="https://live.paloaltonetworks.com/t5/general-topics/add-ldap-group-as-administrator/td-p/260754" target="_blank">https://live.paloaltonetworks.com/t5/general-topics/add-ldap-group-as-administrator/td-p/260754</A>). Here the outcome was using RADIUS.</P> Mon, 12 Jul 2021 11:47:17 GMT JoergSchuetter 2021-07-12T11:47:17Z require admin users being member of LDAP groups https://live.paloaltonetworks.com/t5/general-topics/require-admin-users-being-member-of-ldap-groups/m-p/418543#M93681 <P>Hello</P><P>We are using LDAP for authentication of the admin users (for Panorama as well as the firewall nodes).</P><P>Is it possible to adjust this, enforcing the user being a member of a specific AD group?</P><P>Last info found was regarding PAN-OS 8.1 (<A href="https://live.paloaltonetworks.com/t5/general-topics/add-ldap-group-as-administrator/td-p/260754" target="_blank">https://live.paloaltonetworks.com/t5/general-topics/add-ldap-group-as-administrator/td-p/260754</A>). Here the outcome was using RADIUS.</P> Mon, 12 Jul 2021 11:47:17 GMT https://live.paloaltonetworks.com/t5/general-topics/require-admin-users-being-member-of-ldap-groups/m-p/418543#M93681 JoergSchuetter 2021-07-12T11:47:17Z Re: require admin users being member of LDAP groups https://live.paloaltonetworks.com/t5/general-topics/require-admin-users-being-member-of-ldap-groups/m-p/418605#M93689 <P>Well yes.... you can of course add your admin user group to the auth profile but you will still need to add users to admin profiles... &nbsp; so. No.....</P><P>&nbsp;</P><P>thats how we do it as cant see many companies having hundreds of admin users... &nbsp;so perhaps not enough feature requests...</P> Mon, 12 Jul 2021 18:25:17 GMT https://live.paloaltonetworks.com/t5/general-topics/require-admin-users-being-member-of-ldap-groups/m-p/418605#M93689 Mick_Ball 2021-07-12T18:25:17Z