This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

user id group mapping

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

user id group mapping

Sarou22
L1 Bithead

‎11-25-2021 04:38 AM

 

Hello I have several questions to ask you about the user ID.

1)We say that the LDAP does not map between the ip and the user, so who does the mapping between the ip and the user name?

 

 

2)  then, when we configure the mapping of group. I do not understand the mapping of group in what it consists? To associate the name of the user and his ip or to associate a name to a group?

Because we talk about "group mapping" and not "IP mapping".

 

0 Likes Likes
6 REPLIES 6

Abdul-Fattah
L4 Transporter

‎11-25-2021 05:10 AM - edited ‎11-25-2021 05:11 AM

Hi @Sarou22 ,

- the firewall provide several methods to map IPs to user, one of them is server Monitoring which allow the firewall to monitor AD servers for users authentication, so the firewall can do that among other methods as well.

for more info check this out: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users.html#id6...

- About group to user mapping also the firewall itself will do that, when it is configured, under Device>User Idenetification.

0 Likes Likes

Sarou22
L1 Bithead
In response to Abdul-Fattah

‎11-25-2021 06:06 AM

Hello, thank you for the answer.

But I don't understand why we talk about group to user mapping because the firewall maps a user to its IP?

Exemple

User id : John

IP: 192.168.1.1

It's not group to user mapping, isn't it?

0 Likes Likes

Abdul-Fattah
L4 Transporter
In response to Sarou22

‎11-25-2021 07:18 AM

for example in a Security policy, to be able to control traffic of a certain user you will need IPs to User mapping. And if you want to control traffic of a certain group you will need IPs to User mapping & users to group mapping.

 

0 Likes Likes

Sarou22
L1 Bithead
In response to Abdul-Fattah

‎11-29-2021 12:01 PM

So

Exemple :

Group : John ( 1 person)

Now i don't need group mapping because there IS only one person isn't it ?

 

 

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks