This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Panorama 4.1.8 LDAP Failure
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- Re: Panorama 4.1.8 LDAP Failure
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-25-2012 04:24 AM
Having upgraded our Panorama from 4.1.7 to 4.1.8 - we can no longer use the LDAP user authentication.
The user constantly gets "invalid username or password" (same message on the Panorama) - yet this worked without any problems with 4.1.7
On Panorama - one can see that in the LDAP profile - the Base option is never getting populated (dropdown option is only "none" rather than domain name).
Is this a new "feature" ?
Br
JørgeDA
Labels:
- Labels:
-
Configuration
-
Management
22 REPLIES 22
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-25-2012 11:16 PM
@ Edwin,
I would expect this to be a general LDAP issue, because I'm not able to have the LDAP server profile to see the AD correctly.
Br
Joergen
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-25-2012 11:50 PM
Hi guys, I was able to reproduce the same behavior my lab testing. The LDAP server profile is now (in 4.1.8) not able to see the server correctly. The LDAP server is auto populating the base server info in the earlier version but not in 4.1.8. This looks buggy. Please open a ticket with support.
Thanks,
Sandeep T
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-26-2012 02:25 AM
same problem with Kerberos :smileyminus:
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-26-2012 05:01 AM
pretty sure kerberos had an issue all along though - i was advised by TAC to use ldap/ad instead of kerb some time ago, and that fixed the issues i had then - these ldap issues now I only noticed in admin-auth, I didnt test on ssl-vpn auth before downgrading, but I dont use ldap in rules, I use user/groups but that is provided by the DC agents i believe, I dont think that was affected but I didnt test it all through
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-27-2012 12:36 AM
Hi
Please try removing the "domain" entry in the ldap/kerberos profile, this can cause issues with the actual autentication
regards
Tom
Tom Piens
PANgurus - SASE and Strata specialist; (co)managed services, VAR and consultancy
PANgurus - SASE and Strata specialist; (co)managed services, VAR and consultancy
Related Content
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks