This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Panorama 4.1.8 LDAP Failure
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- Re: Panorama 4.1.8 LDAP Failure
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-25-2012 04:24 AM
Having upgraded our Panorama from 4.1.7 to 4.1.8 - we can no longer use the LDAP user authentication.
The user constantly gets "invalid username or password" (same message on the Panorama) - yet this worked without any problems with 4.1.7
On Panorama - one can see that in the LDAP profile - the Base option is never getting populated (dropdown option is only "none" rather than domain name).
Is this a new "feature" ?
Br
JørgeDA
Labels:
- Labels:
-
Configuration
-
Management
22 REPLIES 22
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-27-2012 01:45 AM
Hi Tom,
Confirming that after removing the domain entry I was able to log on with my domain account.
The bind section however - will still not populate. It has to be there thou for the authentication to work.
So step forward - but not something I will try on my firewalls 
Br
Jørgen
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-27-2012 01:53 AM
Yes, it works without "domain" entry
On prior Version it works also without this entry. So where is it used for?
Thx
Jörg
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-01-2012 09:20 AM
Confirmed on PA5020 that removing the "doman" entry in Kerberos resolved login issue on 4.1.8.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-02-2012 11:30 AM
Confirmed here as well on PA2050.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-29-2012 08:32 AM
Ive had to flip the "domain" entry setting back and forth to get LDAP to work correctly.
I would remove it, and it would work for a while....then I would have to add it back and then remove it to get it to work again.
Tech support has now suggested to me that I go back to version 4.1.7-h2
Related Content
- Replace Local Firewall object (address) with Panorama pushed object? in General Topics
- General AIOps questions in AIOps for NGFW Discussions
- Issues with sending Email Updates from Palo Alto Firewall in General Topics
- Commit Errors on 1st Push in General Topics
- routed-config-p2-failed in General Topics
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks