This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Admin users AD authentication HELP

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Admin users AD authentication HELP

cfnavarra
L2 Linker

‎09-21-2010 04:27 AM

I am trying to configure login to the firewall GUI via Active directory authentication  with virtual systems on, I followed the document "eDirectory and LDAP Authentication with PANOS", but when I configured Administrators on Authentication Profile only appears shared not vsys defined profiles. On shared Authentication Profile, groups and users from AD doesn’t appear. Please Help.

Thanks

0 Likes Likes
5 REPLIES 5

mharding
L4 Transporter

‎09-21-2010 06:27 AM

Try setting up a RADIUS server instead.

0 Likes Likes

blacksan
L1 Bithead
In response to mharding

‎09-21-2010 06:40 AM

The Admin, SSL VPN and Capture Portal uses the same Authentication Profile (LDAP/RADIUS) instead of the Pan-Agent LDAP (Novell/Active Directory)

Follow the same directions on how to setup LDAP profile for Capture profile or SSL VPN.

The biggest issue I had with the LDAP profile with that it does not work with Pan-Agent user structure (Domain\User) like the RADIUS profile.  So you will need to manually add user accounts instead of using Pan-agent setup.

.

cfnavarra
L2 Linker
In response to blacksan

‎09-22-2010 06:06 AM

I can only select shared Authentication Profile when I configure an Administrator, and

I can’t add users because I don’t get to see them on the shared Ldap profile.

Thanks

0 Likes Likes

cfnavarra
L2 Linker
In response to cfnavarra

‎09-24-2010 02:39 AM

Finally I’ve solved the authentication issue,

I’ve created an Authentication profile and added manually admin user names on Additional users.

On administrators I’ve created a new administrator with the same name as the AD user, after I assigned the authentication profile below, and administrator rights.

But I don’t want to create a new administrator for each admin user, I want to use AD groups.

Thanks

0 Likes Likes

James
L4 Transporter
In response to cfnavarra

‎09-24-2010 05:12 AM

Hi There,

You can use the user "all" instead.

More details and doc can be found in this thread:

https://live.paloaltonetworks.com/message/3103#3103

Thx

James

0 Likes Likes
  • 3203 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks