I need help to configure ADFS SAML with global-protect.
i have successfully imported the metadata.xml from adfs into palo.
But now i can't export the metadata from paloalto.
Whats the correct identifiers and endpoints urls for global-contect clientless? I have no idea, what i must configure in adfs.
Can anyone help?
I use panos 8.0
I solved the issue with the cli and now i have a connection from adfs to palo. But i can't login with adfs to palo alto. Has anyone experience with adfs -> saml palo alto?
i don't know what username attribute i must use for saml.
I created this rule in the adfs:
Palo Alto Saml Profile:
Could anyone help me?
Looking at the transforms in ADFS that are populating your SAML Response, you probably want to use NameID as the username attribute in your configuration on the PAN-OS side.
i would please like to know whether you were able to solve this problem
as am now facing the same Issue with SAML and AD FS (Login Retry)
I think the piece that is actually missing are Username Attribute and User group Attribute.
What parameters did you use for Username Attribute and User group Attribute?
I will deeply appreciate any hints on this matter.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!