User ID in Expedition Does not Work

Showing results for 
Show  only  | Search instead for 
Did you mean: 

User ID in Expedition Does not Work

L2 Linker

So it appears that UserID requires something more to apply to multiple rules.  I see conversations from 2019 posts that have no real answers.  I need to apply a UserID group pulled via LDAP across 5000 rules.  Expedition shows the full LDAP name that I added to a rule in Panorama which is fine but I can do nothing with that information.  I cannot copy, paste, edit this at all. This appears broken.  Is there an API requirement or a direct device link that needs to happen?


L4 Transporter

Hello @ShawnSlater 


If I am not mistaken within the firewall you can enable userID at the zone level which should accomplish what you need done?

L2 Linker

No, maybe I didn't correctly state it.  I am talking about Source User in Security Policies.  That is pulled via Group Mapping which relies on a LDAP server profile.  In Expedition it shows the full LDAP bind for the group I want.  I can do nothing with that in Expedition. I cannot change it and I cannot apply that entry to additional rules

When you are in Expedition and have imported Panorama configuration, under Objects there is a section for Users.  In there a Users via API and a User Groups via API.  Neither of these are actually part of a regular Panorama configuration from what I can tell.  This may be what I need but I don't know that there's anything explaining this.  

L4 Transporter

Hello ShawnSlater,


Generally those UserID groups are created once you have tied the panorama device into LDAP so it can pull in those UserID groups from what you have created, I would not recommend migrating this from within expedition itself. Although yes the field does exist it would make more sense to make these changes from within Panorama to isolate East-West traffic based off of UserID.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!