This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies. For details on cookie usage on our site, read our Privacy Policy
i created two rules and top rule with selected user . in traffic log top rule is used ie with user. and follwoing is the result of command. > show user ip-user-mapping ip User: darah\rasheed From: CP Idle Timeout: 107s Max. TTL: 107s Groups that the user belongs to (used in policy) so that means one genaral rule with any and other rules with user or groups to be created for user authentication to work?.
... View more
yes .you are right when try to write i can see all users. my second problem when i am selecting users or groups to apply security policy like allowing app.web-browsing . it is not working.when i make any ie removing users or groups in users it working fine. i am using only one security policy for testing purpose.
... View more
thanks for reply. the users are not seen in security policy in user option. when select add only groups are there. the command shows all users to ip mapping..as per ldap documentation i tried except transparent mode. when try to browse same problem with added groups.
... View more
i have configured ldap server profile with "base=" and "basedn=ldap string " and domain= blank. in group mapping under available groups only groups are there and no users can be viewed. i have included two groups here. which is added in security policy rule under user option. In authentication profile i have added above included ldap groups in allow list with login attr sAMAccountName. i have tried without adding groups with allow "all" also. i am using captive-portal setting in redirect mode with captive portal policy rule for user identification. I have two problems 1) i cannot view users only groups are there. 2) after adding groups in security policy cannot web-browse ie very slow almost not working , but if groups removed from policy the web-browsing is ok. i want the rules to be applied using ldap authentication.
... View more