cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L2 Linker

I finally solved with the official technical support. In my case we just enabled the logging with the following CLI command

debug software logging-level set level dump service rasmgr

 

and we could show the not matching happening.

 

In our case, the culprit was a misconfiguration we had in our Group Mapping settings.

DEVICE --> User Identification --> Group Mapping Seeting-->Server Profile--> Domain Setting -->User Domain  . Here I had some short version of our domain name. I just left this setting empty so by default is extracting the domain value from the user name.

 

some info

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-web-interface-help/user-identification/device-u... [docs.paloaltonetworks.com]

I hope it helps.

 

 

 

View solution in original post

Who rated this post