Removed user from a AD group still given the access

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Removed user from a AD group still given the access

Not applicable

So here my problem.

I have create a new rule with a  new AD group.  I have added 4 users in the group, including myself.

I have open a new custom URL group there.  All work fine so far.

Here my problem.  I try to remove myself from the group.  After applied many time rules, i still have an access to this rule.

- I have remove myself from that AD group.

- then i do the command CLI : show user group name "the_group".  Its show 3 users (myself remove from the list).

So by apply rule its should remove my access.  But when i check "MONITOR" i still see i get access for that rule.  PA CLI no see me in the group but PA still have me listed in the AD GROUP.

I have not use  "Group Mapping Settings" in "Device>User identification"

Instead i have list the AD group right in the policies, in USER TAB.

Any clue? how many time PA will take to sync the AD groups?

4 REPLIES 4

L3 Networker

Just for interest sake try flushing the session table and retest - "clear session all"

L6 Presenter

As said above you can try clearing sessions. You can clear the sessions belonging to your PC by command "clear session all filter source 'PC IP address' " that way you do not interrupt other sessions.

Thanks,

Sandeep T

so far i have try what sdurga say, because clear all session can have some behvior to others users. But i will try tonight to clear all sessions.

But that not solve the problem.  I still have access since 2 days even is im not in the AD group.

Just one command have have remove me access just for like 1 minute :

-  clear session all filter rule "The_rule_that_give_me_wrong_access"

After that clear, my sessions wasnt authentificated.

In Monitor i was seeing myself access with an IP.  Its take like 1 minute before see authentificated access back with my username.

Right after, i get by my back my wrong access like before.

So clear the users cache not seam to remove my access.

I have done a scheduled CLI for "clear session all", and that not solve my problem.

Last things i can test is reboot PA or i will open a ticket.

  • 3706 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!