This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Global protect with AD integrated issue

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Global protect with AD integrated issue

Satish
L4 Transporter

‎11-17-2014 12:04 AM

Hi Friends,

How are you. i hope you are doing well. i need one suggestion from you guys... One of the our customer  using Global Protect Remote VPN with PACluster Gateway. they have integrated AD with PA deviceand GP users connecting through AD credential and now lots user credential needto change. So will itimpact when GP client connect with PA GW can you suggest  what isthe way to connect GP clients when changing credential on AD users how we cancome out from this before changing AD users credentials because to changecredential on GP client application for more than 200 users is very pathetic.

Regards

Satish

Labels:
0 Likes Likes
3 REPLIES 3

HULK
L7 Applicator

‎11-17-2014 04:51 AM

Hello Satish,

Based on your problem description, it looks, you want to change credentials on GP clients when there is a change in your AD for the corresponding users. If so,you have to uncheck SSO ( single sign on) from portal configuration ( Network > GP portal > Genaral) and use connect method as "on-demand mode". So, while the GP user will initiate the GP connection, he may manually change the saved username/password on GP agent

on-demand—Select this option to allow users to establish a connection on demand. With this option, the user must explicitly initiate the connection. This function is primarily used for remote access connections.

user-logon—When this option is set, the GlobalProtect agent will automatically establish a connection after users log in to their computers. If you select Use single sign-on, the username and password used to log in to Windows is captured by the GlobalProtect agent and used to authenticate.

Hope this helps.

Thanks

Satish
L4 Transporter
In response to HULK

‎11-18-2014 01:43 AM

Hi hulk,

i think you didn't get the my point. my question is are :- GP client with AD integration , if AD User change his credential and login with his Laptop window using new credential then the GP client also need to change manually, is there any Automatic way that user don’t need to change credential in GP client console.

If Point-1 don’t have automatic mechanism then can we integrate user-based certificate using pre-login mechanism, userbased certificate means certificate will be individual for each user

Regards

Satish

0 Likes Likes

Satish
L4 Transporter

‎11-18-2014 11:48 PM

Hi Hulk, Thanks, issue has been resolve. Regards Satish

  • 2049 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks