Someone know if there is a way to remove the domain name from the group mapping
The reason why is because i get from external source on palo alto the user id test1 or "test2" or "test3"
Goal is create a policy rule base on the source user that is being part of a domain group
In my case LDAP group mapping get this information:
show user group name emea.com\test
short name: emea.com\test
source type: ldap
[1 ] emea.com\test1
[2 ] emea.com\test2
[3 ] emea.com\test3
This is good but only need from the group mapping the name
"test1" or "test2" or "test3"
i expend hours and there is no way to understand or found the reason why palo alto get from ldap group mapping "domain name + name"
Hi @alvaroarcaz ,
If I am not wrong, group mapping will always add domain, because it needs to cover cases where you have multiple domains or even domain forest.
So in my humble opinion you should try to append the domain to the user-ip-mapping so it can match the group mapping.
Can you share bit more information how you receive user-ip-mapping? How it is configured currently?
Hi @alvaroarcaz ,
I know there is a way to override the domain for Group Mapping, but not sure if there is a way to remove it completely.
As I mentioned for me it sound reasonable to have it as you may work in multi domain environment.
The solution for you to add the desired domain to the user-ip-mapping from the User-ID agent that is processing the Pulse Secure logs. In User-ID agent settings that is parsing the Pulse Secure syslog messages go to User Identification -> Discovery -> Servers -> Edit you Pulse Secure entry and add the domain the same way as you see it the group mapping
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!