Nested Active Directory Groups

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Nested Active Directory Groups

L4 Transporter

Can it handle nested Active Directory groups?

Security policy with a group which a user is not direct member of. When user tries connection through firewall then it checks the groups within the group (an so on).

Can it be configured how deep the nesting is checked?

5 REPLIES 5

L1 Bithead

I have the same question.  Does anybody now the answer?

thanks

you mean there is a group inside a group

group1\group2\group3\group4\group5

group5 is member of all 1,2,3,4 groups

so you can write a rule for group5 ????

no, the other why around, Can write a rule for group1 which has 2,3,4,5 as members and it applies to all of them?

yes you can write.

L5 Sessionator

We can authenticate users and also fetch the group mapping for users that are nested within multiple AD groups. You can also verifiy if  the users nested in these groups are being picked up from the firewall, from the web interface: Device tab-->user identification-->group mapping settings--group include list, + box on the hierarchy being read by the firewall.

When users are nested within hierarchies of groups, you can configure the topmost hierarchy (group 1)  under the policy, and it checks for all the groups nested under it to see if the user belongs under them.

  • 5312 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!