After a user changed active directory password, the GlobalProtect client runs into authentication issues
Issue
When using SSO, the GlobalProtect client uses credentials entered at the time the user logged on. Changing the password does not automatically send the new credentials to the client so it will continue to use the old password, which cause issues in some cases.
Resolution
It is recommended for the user to log out and log back in so that the SSO picks up the new credentials.