Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Ver

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Ver

L3 Networker

Hi,

Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Version 4.1?

https://www.paloaltonetworks.com/documentation/41/globalprotect/globalprotect-app-new-features/new-f...

Does it work? Can you do it with LDAP or do you have to use radius? Any gotchas?

Thanks

3 REPLIES 3

L4 Transporter

Hello

 

I have the same problem as You...

 

Is it possibly that noone is using prelogon feature for password reset?

 

For what reason we have Radius connection? Is it nessesary for AD password change according to this link?

 

Please help us!

 

Regards

Slawek

@_slv_

Yes, the pre-logon feature can be used for password changes or setting a new password when the user is required to. But if you use also the single sign ln feature you have to choose the Global Protect login option and if this option is chosen, passeord reset/change no longet work so the user has to change back to the default login option to change the password and after that he has to change again to the global protect login option to make single sign on work again...

... this works for IT people, but not for "normal" users who would then call the hotline every time ... so this feature sounds good with the password change in the GP application, but I did not test it so far.

L4 Transporter

@Remo

 

I don't use SSO for GP (most out laptops are not AD joined) but those users from such laptops conect to computers that are joined to AD (RDP connection).

 

According to link I think that pre-logon feature is not for me...

 

Thx for explanation!

 

 

Regards

Slawek

  • 2631 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!