Active Directory Application

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Active Directory Application

L4 Transporter

Hello 

 

I create the security policy to allow users to logon to domain by simply selecting the activedirectory application but it is not working? Should I need to allow additional applications ?

7 REPLIES 7

L4 Transporter

yes, look at applications depencies.

Thanks. Can you please give me some direction, how can I check what other applications I must allow. I was thinking new version of PANOS, taking care of dependencies like if I want to allow fb-chat then it is under fb-base

Thanks. Active Directory application is showing this:

activedirectory app.JPG

 

I allowed all the dependend applications as well but in logs, it is showing kerbros and dns, ntp etc as well. So I am wondering why it is not working. I really appeciate your help

active-directory doesn't cover necessarily cover all authentication(s) stuff, rpc or ntp. that could be too broad

 

you want to add kerberos, some netbios, dns and ntp as well in your rule.

It's pretty important to think through exactly what you actually need to allow access to, as most things Palo tries to narrow down. The best thing is to read what it's actually going to cover either on the firewall in the GUI or by looking at applipedia which makes things a little easier to search through. 

Hello

 

I simply want to allow users to log on to domain when login to their pc. If I only allow activedirectory application, its not working. So there should be some application for this functionality 

  • 3956 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!