10-24-2016 04:50 AM
Hello
I create the security policy to allow users to logon to domain by simply selecting the activedirectory application but it is not working? Should I need to allow additional applications ?
10-24-2016 08:03 AM
Thanks. Can you please give me some direction, how can I check what other applications I must allow. I was thinking new version of PANOS, taking care of dependencies like if I want to allow fb-chat then it is under fb-base
10-24-2016 12:44 PM
Thanks. Active Directory application is showing this:
I allowed all the dependend applications as well but in logs, it is showing kerbros and dns, ntp etc as well. So I am wondering why it is not working. I really appeciate your help
10-25-2016 07:00 AM
active-directory doesn't cover necessarily cover all authentication(s) stuff, rpc or ntp. that could be too broad
you want to add kerberos, some netbios, dns and ntp as well in your rule.
10-25-2016 09:46 AM
It's pretty important to think through exactly what you actually need to allow access to, as most things Palo tries to narrow down. The best thing is to read what it's actually going to cover either on the firewall in the GUI or by looking at applipedia which makes things a little easier to search through.
10-26-2016 09:18 AM
Hello
I simply want to allow users to log on to domain when login to their pc. If I only allow activedirectory application, its not working. So there should be some application for this functionality
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
