Who Me Too'd this topic

Who Me Too'd this topic

L3 Networker

SAML Auth overriding LDAP Groups?

HI Guys,


We have implemented Azure SAML authentication for global protect users. There is no group filtering on Azure site. 

We tried limiting ldap groups in the:

1. SAML Auth profile on palo alto

2. Gateway > Agent > Client Settings


Inspite of the restrictions anyone outside the groups is able to connect to global protect. So does the groups setting on Azure override the group filtering on palo alto?



Who Me Too'd this topic