Palo Alto Networks Knowledgebase: Active Directory Groups in Panorama Rules

Active Directory Groups in Panorama Rules

10370
Created On 09/25/18 19:38 PM - Last Updated 02/08/19 00:02 AM
Resolution

Overview

Active Directory (AD) groups can be used in the security rules, but Panorama does not have a User-ID feature. In Panorama 4.1 and later, the groups to be used in the Security Policy are pulled from the master device.

 

Steps

  1. Go to the Panorama > Device Groups and select Master Device.
    Master device -1.JPGMaster device 2.JPG
  2. Click OK to commit and check in Security Policy.
    The following screenshot shows an example of the Active Directory groups pulled from the Master Device and available for selection in the Security Policy rule on Panorama:
    policy.png

 

owner: bpappas



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clb6CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language