cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

About Victor1

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Victor1
‎09-24-2020
since ‎06-18-2018
L0 Member
User Activity
User Profile
Latest posts by Victor1
View All
User Badges
Public Statistics
Date Registered ‎06-18-2018 06:12 AM
Date Last Visited ‎09-24-2020 12:01 PM
Total Messages Posted 1

Re: Consuming user group in GlobalProtect SAML Authentication

by in General Topics
‎09-16-2020 08:47 AM
‎09-16-2020 08:47 AM
We did this with Azure AD as well. Out basic setup is as follows: Configure the LDAP Server profile for the on-premise AD infrastructure (Base DN is in the following format "DC=domain,DC=local" ) Configure SAML IdP to work with Azure AD Configure Group-Mapping using the LDAP profile. On the "User and Group Attributes" tab, we swapped "Primary Username" to be "userPrincipleName" and "Alternate Username 1" to be "sAMAccountName" This way the SAML username attribute matches the LDAP username attribute On the GlobalProtect side, we specified the group in the configs in the following format: "CN=User Group Name,OU=org unit,DC=domain,DC=local" When we tried it in the "domain\group name" format, we had no success, but we found a post on reddit that suggested trying either format to see what works in your environment. Apparently the format is dependent on how your AD infrastructure is setup. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎09-24-2020 12:01 PM
Likes Given To
View All
Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks