URL Filtering based on AD Group membership

Reply
Highlighted
Not applicable

URL Filtering based on AD Group membership

I'm trying to created a URL filter that only applies to a specific AD Group.

I have a URL filter that applies to all known and unknown users, but it's fairly restrictive.  I have a group of users that require a slightly less restrictive URL filter.

These users are all currently a member of a specific AD group, and I'd like to apply the less restictive URL filter to that group.

I can make it work if I specify the AD users individually in the policy that applies the URL filter, but if I add the group it stops working.

Any suggestions would be greatly appreciated.

Not applicable

Re: URL Filtering based on AD Group membership

Sus

In your DC take a look if the “User Identification Agent”  filtering out all Ad groups and using only AD users. If that is the case then you can add the group . I think that will solve your problem.

Not applicable

Re: URL Filtering based on AD Group membership

Hi ssarcar,

Thank for replying.

I can add the AD group to the policy but it member of that group we still being affected by the more restrictive policy, which is applied by the next rule.

Although at the moment its all a moot point, as the less restrictive rule has stopped working all together, and the Palo is marking it as an unused rule.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!