6.0.4 group mapping issue?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

6.0.4 group mapping issue?

L4 Transporter

I started running into this group mapping issue after update a client to 6.0.4.

We have a policy which matches on an Active Directory group for SSLVPN and what they can access. The same A.D. group is used in the Kerberos authentication profile to auth to VPN.

After the update, these users are no longer matching on this policy. There is a policy just above it utilizing a different A.D. group and users from that group match just fine.

I did notice in the CLI if I do a show user group mapping ?, it lists the LDAP format of the group name as oppose to domain/group... whereas for the group which is working, it shows domain/group.

If I go to the policy and delete the group then add the group back name in via the LDAP format, it auto-resolves it to the group\domain format as soon as I hit enter.

1 accepted solution

Accepted Solutions

L4 Transporter

Eureka. Apparently 6.0.4 may have a problem processing group names which have a hyphen. I create a new group with the same users which lacked a hyphen and it matched as expected. Added a hyphen to the new group and it stopped.

View solution in original post

1 REPLY 1

L4 Transporter

Eureka. Apparently 6.0.4 may have a problem processing group names which have a hyphen. I create a new group with the same users which lacked a hyphen and it matched as expected. Added a hyphen to the new group and it stopped.

  • 1 accepted solution
  • 2094 Views
  • 1 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!