Home > Palo Alto > AD base DN in group mapping on Palo Alto

AD base DN in group mapping on Palo Alto

I have just had some hard time configuring AD group mapping on a PA firewall. The firewall kept saying “invalid credentials” (though I had them triple-checked, re-set the password and made sure all my AD replication completed). I ended up doing a packet capture on PA which told me that in fact my context was wrong:

pa

The solution was to go to ADUC, enable Advanced view and copy/paste object’s DN (which corrected a typo I made):

pa2

 

Advertisements
Categories: Palo Alto Tags: ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: