Want to configure two different domain for LDAP Authentication.

Reply
L2 Linker

Want to configure two different domain for LDAP Authentication.

Hi Team,

 

Can we configure two different domain in PA firewall? will it work for global protect authentication?

Thanks and Regards,
OK.

Accepted Solutions
Cyber Elite

@OsamaKhan,

Your original question was worded poorly. The integrated user-id agent is a different thing, and you absolutely can't configure it to access two separate domains. You'll want to actually use the user-id agent and install it on the respective domains, and then have your firewall pull user-id from the respective user-id agents installations. 

View solution in original post


All Replies
L7 Applicator

should be OK, add an auth profile for each domain and either restrict via group membership or just add both to the authentication sequence.  

 

L2 Linker

Hi @MickBall,

 

There is only one setting on the server monitor account. Now I can only add one username in the setting but what about the different domain.

 

Is it because of this setting on server monitoring it showing access denied?

 

Please clarify on that.

 

OsamaKhan_0-1609776864792.png

 

Thanks and Regards,
OK.
Cyber Elite

@OsamaKhan,

Your original question was worded poorly. The integrated user-id agent is a different thing, and you absolutely can't configure it to access two separate domains. You'll want to actually use the user-id agent and install it on the respective domains, and then have your firewall pull user-id from the respective user-id agents installations. 

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!