I'm having an odd issue. I have global protect configured and using Okta (saml) authentication. Now everything is working fine except that a handful of users have the wrong user-id. All users are expected to have their email address as their user-id however that handful of users for some reason has the format of "domain\username" instead.
I tried clearing the user cache, disabling/enabling user id on the zone, etc.
Is there something else I could be missing?
Take a look at your auth profile and make sure it is set to look at the field you want. For example we recently had to switch from using sAMAaccountName for VPN connections to using UserPrincipleName because users were showing up as user@domain instead of the domain\username we were used to. There are a few adjustments that can be made in the auth profile that may help. Also take a look at the Username Modifier dropdown.
ah sorry I assumed your Okta auth was tied into AD. You may be able to use the modifier but we may need someone familiar with Okta in here :) Might be worth calling your Okta rep maybe they have seen a similar config before
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!