Who Me Too'd this topic

Who Me Too'd this topic

rjdahav163
L3 Networker

SAML Auth overriding LDAP Groups?

HI Guys,

 

We have implemented Azure SAML authentication for global protect users. There is no group filtering on Azure site. 

We tried limiting ldap groups in the:

1. SAML Auth profile on palo alto

2. Gateway > Agent > Client Settings

 

Inspite of the restrictions anyone outside the groups is able to connect to global protect. So does the groups setting on Azure override the group filtering on palo alto?

 

Thanks!

Who Me Too'd this topic