You can use
LDAP to
authenticate end users who access applications or services through
Authentication Portal and authenticate firewall or Panorama administrators
who access the web interface.
You can also
connect to an LDAP server to define policy rules based on user groups.
For details, see
Map
Users to Groups.