This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

LDAP and user authentication/authorization

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LDAP and user authentication/authorization

Go to solution
kaare_tragethon
L1 Bithead

‎06-06-2012 05:27 AM

Hi all!

I have a problem using LDAP for user/management authentication/authorization. When I try to log in via my domain I get the following in my log (after logging in again with the admin account):

Authorization failed for user *\*via Web from *.*.*.* : Invalid user 06/06 12:41:19

User '*\*' authenticated. Profile authProfileAdmins in an authentication sequence AuthSeqDomainAdmins succeeded. From: *.*.*.*.

Any suggestions?

0 Likes Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
sspringer
L4 Transporter
In response to kaare_tragethon

‎06-13-2012 09:44 AM

Please follow the configuration steps provided in the following document: https://live.paloaltonetworks.com/docs/DOC-1989

Unless the username you are using to login is 'AllowDomainAdmins', there is a misconfiguration.

As outlined in the document, it is required to create a Device -> Administrator account for each AD account that will be used.

Hope this helps!

- Stefan

View solution in original post

0 Likes Likes
9 REPLIES 9

Go to solution
sjamaluddin
L4 Transporter

‎06-11-2012 10:24 AM

Please check the authentication profile and Authentication sequence. Are you referring to the correct profile for authentication. The empty spaces indicate that it is having trouble with the authentication profile

0 Likes Likes

Go to solution
kaare_tragethon
L1 Bithead
In response to sjamaluddin

‎06-12-2012 12:14 AM

Hi and thanks for the reply. Please see attached pictures of my current

setup. The LDAP has contact with the server, so this is not the problem...

Best Regards/Vennlig Hilsen,

Kåre Tragethon

IT & Automasjon

Hallingplast AS

Tlf: +47 32 09 56 85

Fax: +47 32 09 55 94

Mob: +47 95 25 14 38

www.hallingplast.no

Preview file
65 KB
Preview file
96 KB
Preview file
90 KB
Preview file
64 KB
Preview file
68 KB
0 Likes Likes

Go to solution
mikand
L6 Presenter
In response to kaare_tragethon

‎06-12-2012 02:27 AM

Could it be the classical mistake of using "domain.local" instead of just the netbios name "domain"?

Described in https://live.paloaltonetworks.com/thread/5050?tstart=0

0 Likes Likes

Go to solution
kaare_tragethon
L1 Bithead
In response to mikand

‎06-12-2012 03:31 AM

Thanks but that didn't help. By the way, I'm only using LDAP (no user

agent)..... I could also mention that I'm only trying to access the

Management Interface at the moment. Could that be a problem?? Do I have to

create any security rules to allow access?

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks