Has anyone been able to use the Google LDAP service for authentication for GlobalProtect users? I haven't been able to get the firewall to successfully connect to the Google LDAP service. Google suggests cert-based authentication to the service and provides a cert, but the firewall rejects the import with the following error:
"Import of google-ldap failed. Only self signed CA certificates can have identical subject and issuer fields."
I have also attempted a test via the CLI and get the following:
admin@fw01> test authentication authentication-profile gsuite-ldap username xyz password
Enter password :
Target vsys is not specified, user "xyz" is assumed to be configured with a shared auth profile.
Do allow list check before sending out authentication request...
name "xyz" is in group "all"
Authentication to LDAP server at ldap.google.com for user "xyz"
Egress: 10.12.29.8
Type of authentication: GSSAPI
Starting LDAPS connection...
Failed to create a session with LDAP server
Authentication failed against LDAP server at ldap.google.com:636 for user "xyz"
Authentication failed for user "xyz"
Any help would be much appreciated!