Model- 2050 and PANOS- 5.0.6
In security policies groups are showed as a single user and any new user added to that group are not getting identified by the PaloAlto firewall. In source user column in policy showing single user icon instead group icon. But existing users in group are getting identified ( this issue is only for newly added users )
I verified using below commands and it seems everything is fine.
#show rulebase security rules test_rule -----Showed source user as "xyz\test_group" ( group which i have used in security policy )
>show user group name xyz\test_group ------Showed all the users in that group including newly added users.
>debug user-id refresh group mapping all -------- Given message that refresh is successful.
But still device is not identifying those newly added users in group ( still showing single user icon in source user column )
How are you configuring the group in the security policy? Do you get a drop down list of groups or you manually enter the group information?
If you are manually adding the group in security policy, try adding the long format (cn=test_group,ou=xyz...) and see if that makes a difference.
You might also want to try resetting the group mapping as well:
> debug user-id reset group-mapping all
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!