Group mapping settings not listing AD groups in GUI

Reply
Highlighted
L2 Linker

Group mapping settings not listing AD groups in GUI

Hi, 

 

I am trying to configure user-id based authentication in Palo Alto 5220 (Pan OS 9.0.2). I have integrated Palo Alto with AD using LDAP profile. I am not able to add the AD groups in the "Group Include" list as they are not being listed in the GUI. I am using panorama to manage the firewall. However, i am able to view the groups in CLI of the firewall if i give the command "show user group list" lists all the AD groups in CLI. Also, i am able to view the "user-ip" mapping in CLI. However, i am not able to select groups in GUI under "Group mapping" and security policies. Please suggest. 

Highlighted
L7 Applicator

@MGRashmi , Hi.

 

In Panorama you need to list a "Master Device" at the bottom of your device group page.

Highlighted
L7 Applicator

master device.png

Highlighted
L2 Linker

Hi, 

 

Thanks for your response. Master device is already mentioned in the Panorama, still the group list is empty. 

 

 
Highlighted
L7 Applicator

I think the group mapping stuff is only visible if they were already active when imported to Panorama.

 

if you are adding groups from scratch you may need to follow this.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIOCA0 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!