I am installing a new PA at a customer who has a Samba domain instead of an AD domain.
I should point out that I know little about Samba.
Question is: how can I implement UserID?
* With the UserID agent -> This will not work, since the agent is only AD based, and since Samba does not have any security logs from which to read.
* With Captive Portal -> This will work, but is quite intrusive and is only for browser based traffic. Extra question: could I configure it to use NTLM? Not sure how authentication works in a Samba domain.
* With the GlobalProtect client + and internal Gateway -> This will work, but does require an extra license.
* Using some form of custom script + the API -> This should work as well, but then we will have the hassle of supporting a custom script. Extra question: anybody has made something like this and care to share?
* Any other ideas?
Thanks for the feedback