LDAP Authentication

Reply
Highlighted
Not applicable

LDAP Authentication

Hello all,

I'm running on a PA5050 and I'm wondering how I specify what groups I want to have specific access to the WebUI using LDAP authentication. Also, is there a way to setup automatic account creation for new accounts that login using LDAP or do I still need to manually add everyone?

Thanks in advance.

L4 Transporter

Re: LDAP Authentication

When using LDAP authentication you must specify each administrator manually and specify the authentication profile for LDAP on a per-user basis.  Within the LDAP authentication profile you can specify an allow list based on group, but since you have to create each admin individually providing the group filter may be redundant.

Not applicable

Re: LDAP Authentication

Thanks. This is what I was looking for.

L4 Transporter

Re: LDAP Authentication

Hello,

Just another side note, you can use Radius authentication with VSAs if you want to avoid creating users on the firewall. The VSAs can pull the username and the admin role automatically.

You can view this document for more details and to get help setting it up:

Thanks,

Aditi

Not applicable

Re: LDAP Authentication

Hello

Here is my configuration on LDAP

*Group Objects

Search Filter:

Object Class: posixGroup

Group Name: cn

Group Member: memberUid

*User Objects

Search Filter:

Object Class: person

User Name: uid

hope this help

Jerick

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!