08-15-2013 11:44 PM
Hi,
Can anyone explain: LDAP profile is needed just for User group mapping or in general for user mapping? Now i'm confuse.
08-16-2013 12:24 AM
Hi,
Ldap profile is needed for group mapping (https://live.paloaltonetworks.com/docs/DOC-2910).
the answer is list of existing group and user and which user is member of which group.
User-id agent (or agentless) is needed for user mapping.
the answer is which IP is associate with which user.
Rgds
Hope help
V.
08-16-2013 12:24 AM
Hi,
Ldap profile is needed for group mapping (https://live.paloaltonetworks.com/docs/DOC-2910).
the answer is list of existing group and user and which user is member of which group.
User-id agent (or agentless) is needed for user mapping.
the answer is which IP is associate with which user.
Rgds
Hope help
V.
08-16-2013 12:29 AM
Before a security policy can be written for groups of users, the relationships between the users and the groups they are members of must be established. This information is retrieved from an LDAP directory, such as Active Directory or eDirectory. Hope this helps.
08-16-2013 12:48 AM
Take a look at the below doc, this will give you a clear picture of -
Enumeration of users and their associated group membership.
Mapping of those users to their current IP addresses.
08-16-2013 01:04 AM
Thank you. It is now clear.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
