Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups (3)

LDAP Authentication and Remote Users and Groups

  • Create Remote User Objects and LDAP Integration:
    • sAMAccountName - eric.wei
    • userPrincipalName - eric.wei@pandabusiness.local
  • Prerequisites:
    • Microsoft Active Directory (LDAP)
    • AD service account for Palo Alto Firewall Integration

Create security groups and a function account in the Users OU.

Test this account's WQL queries using WBEMTEST.

https://4sysops.com/archives/wbemtest-part-1-testing-wmi-connectivity/

 

Set the LDAP Server Profile.

Create two Authentication Profiles.

LDAP Auth:

Local Database Auth:

Set Authentication Sequence.

Set Server Monitoring in User Identification and commit the changes.

Set Group Mapping Settings.

Finally set the security policies.

Policy 1 - Restrict-Internet

Policy 2 - Full Internet

Finally, commit the change for it to take effect.

 

 

posted @ 2020-03-08 20:13  晨风_Eric