Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
01-13-2021 03:55 AM
We want list of users of particular group who are connecting Global protect.
Reason behind this requirement is to get number of users from particular group who are connecting GP. So accordingly we can purchase the licence for 2FA from third party vendor.
We have added multiple groups for GP authentication , if 100 users in HOD group and from them only 50 users connecting GP.
We want list of those 50 users.
01-13-2021 04:30 AM
I have not seen any direct link to display this but you could add a portal agent config for each group. just clone the default config (if you have one ) and add each group to the config selection criteria.
So your portal would have an agent config named "HOD" and the user/user group under selection criteria would also be "HOD".
you will then be able to run a custom report on GlobalProtect and use the filter builder "Description Contains HOD"
Or... If you are forwarding to syslog then you could import all group members into a file and using a "while do" loop grep the logs.
01-13-2021 05:06 AM
in the logs there's no direct correlation between the username and group membership, the group is used more like an access list to be allowed to authenticate
so if you add the HOD group to their own gateway (create a new gateway and only allow that group to use that gateway) you will be able to quickly generate a report or manually inspect the GlobalProtect logs for anyone using that gateway
01-13-2021 06:12 AM - edited 01-13-2021 06:12 AM
you can check the list of users who are connecting or previously were connected to GP from: Network > Globalprotect > Gateway> Remote user > previuos user, you can search for the group you want or you can export the list and do the search and processing that meet your requirements.
01-13-2021 06:40 AM
I cannot see the group listed in previous users, what version??
I only get these columns..
01-14-2021 02:22 AM - edited 01-14-2021 03:06 AM
<p> Primary Username field you should be able to seen the Domain and above in the search field you can enter the domain to filter only the wanted users</p>
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
