I'm trying to implement group-based policies in a standalone Prisma Access deployment. I'm working only with Prisma for Remote Networks. For this purpose I have enabled a Directory Sync Agent to retrieve groups from the LDAP server, but Prisma doesn't have a connection to Active Directory, so we don't have an LDAP Server Profile yet. I need to confirm if it's necessary to configure an LDAP Server Profile and User-ID Agent to get group-based policies and user information in the reports, and if it's possible to enable it through Directory Sync Service?
This should be possible to do without LDAP, and directory sync is going to pull the users/groups mapping based on what groups are configured in the security policy.
For the IP-user mapping, however, you might need a user ID agent since it is a remote network and there is no GP.
Hope this helps,