Resolved! Palo Azure SAML issue
Our AD forest is yz.abc.com
We have GP working with LDAP but user has to enter creds as yz\user
For the SAML profile it only configured for test portal authentication separately, no agent configuration done yet.
When I access portal in browser i get...