Users Locked Out of AD when Logging to GlobalProtect Configured with RADIUS Authentication Profile
When a user attempts to login via GlobalProtect, the active directory user gets instantly locked out even if the correct username and password was used.
The authentication profile is set for RADIUS, and the authd.log shows the following:
Authentication failed for user xxxx
Reason: Invalid username/password From: IP x.x.x.x
This behavior can occur when the shared secret configured in the authentication profile doesn't match the one configured on the RADIUS server itself.
Make sure that the shared secret matches.