Resolved! GlobalProtect with Certificate Profle
I have configured GlobalProtect to use Authentication Profile using LDAP (sAMAccountName) and a Certificate profile.
I have user certificates pushed through Group Policy. The configuration works. However, I noticed a few things
1) If I login as User
...