Hi, It's possible make this integration? Is the same configuration like a Windows Server AD?, I didn't found any article that talks o explain this topic.
thanks in advance
Solved! Go to Solution.
It should be the same configuration you just need to feed it the proper address and make sure that your service route or mgmt port can access the Azure server.
The Azure AD product is not a full AD server but a linked authentication device using federated services. The PA AD connector relies on seeing the actual AD log messages so I don't believe this will work with the Azure AD product. In this scenario your better option would be to connect to the company internal AD servers that make the federated connection to Azure AD.
But if you run a virualized AD server in the Azure VM environment you could connect using the normal methods.
Azure AD Domain Services is now GA, so if you're willing to pay for it, you could do LDAP auth against that: https://azure.microsoft.com/en-us/services/active-directory-ds/
But you can't do transparent UserID because you have no "domain controller" to read events from.
Our clients using Azure AD as a service as their primary identity source need the firewall to populate Azure AD user to real (e.g. LAN RFC 1918) mappings. Using captive portal with Azure SAML SSO (as described in the following Microsoft Article) worked best for me.
We are greatful to Palo Alto and Microsoft for including this feature.
Parsing Azure syslogs may not be the best option as they logs the public IP rather than the real IP of the user / device. Therefore we would not be able to differentiate users / devices NATed behind the same public IP.
Thanks for the update, really happy to see this feature added to Azure.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!