Support for Open LDAP

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Reply
mbs.admin
L2 Linker

Support for Open LDAP

Hi All,

Does Palo Alto supports LDAP running in Linux operating systems? If yes, does the configuration is the same when using active directory?

Thanks,

Rex


Accepted Solutions
cchristiansen
L3 Networker

Hello Rex,

Yes the Palo Alto Appliances do support Open LDAP, and no the configuration may not be the same as for Active Directory.  Your Open LDAP configuration will vary based on your implementation of Open LDAP (explained further in this document).

Hope this helps,

-chadd.

Here is a link to a document that may prove helpful: LDAP Overview.pdf

View solution in original post


All Replies
TheSquire
Not applicable

Hi Rex,

Palo should support open ldap and certainly states so in the admin guide.  There is no predefined type for openldap so I suspect you'll need to set to other and so if creating group mappings etc you may need to check the attributes used and possibly tweak them for your ldap.  I believe these are normally configured by default according to ldap type specified in the server profile when using active directory etc.

cchristiansen
L3 Networker

Hello Rex,

Yes the Palo Alto Appliances do support Open LDAP, and no the configuration may not be the same as for Active Directory.  Your Open LDAP configuration will vary based on your implementation of Open LDAP (explained further in this document).

Hope this helps,

-chadd.

Here is a link to a document that may prove helpful: LDAP Overview.pdf

View solution in original post

mgp
Not applicable

Hi Chadd,

Any update for step by step with Open LDAP ?

Are it possible to make single sign on like in AD ?

Thanks.

mbutt
L5 Sessionator

Below doc explains how to exactly setup OPEN LDAP profile on firewall on page 9 and has other step by step information for setting it up.

https://live.paloaltonetworks.com/docs/DOC-5315

Let us know if this helps you achieve what you are looking for.


Thank you

Numan

mgp
Not applicable

Hi Numan,

That's detail document. Thanks.

But can PANW do single sign on like in Active Directory ? Because i see it use Captive Portal.

Thanks.

mbutt
L5 Sessionator

I think once you have all the LDAP part configured correctly. The SSO feature should work as well.

Hope this helps.

Numan

luancb
L1 Bithead

I can not download document, please send me to email luan.trinh@vietsunshine.com.vn

 

Many thanks !

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!