LDAP Authentication and Remote Users and Groups
- Create Remote User Objects and LDAP Integration:
- sAMAccountName - eric.wei
- userPrincipalName - eric.wei@pandabusiness.local
- Prerequisites:
- Microsoft Active Directory (LDAP)
- AD service account for Palo Alto Firewall Integration
Create security groups and a function account in the Users OU.
Test this account's WQL queries using WBEMTEST.
https://4sysops.com/archives/wbemtest-part-1-testing-wmi-connectivity/
Set the LDAP Server Profile.
Create two Authentication Profiles.
LDAP Auth:
Local Database Auth:
Set the Authentication Sequence.
Set Server Monitoring in User Identification and commit the changes.
Set the Group Mapping Settings.
Finally, set the security policies.
Policy 1 - Restrict-Internet
Policy 2 - Full Internet
Commit the changes so that they take effect.