Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
Populate User and Group Names in Security Policy Rules
Updated on
Mon Jul 29 16:16:40 UTC 2024
Focus
Download PDF
Updated on
Mon Jul 29 16:16:40 UTC 2024
Focus
Home
Prisma
Prisma Access
Configure User-ID and User-Based Policies with Prisma Access
Populate User and Group Names in Security Policy Rules
Download PDF
Populate User and Group Names in Security Policy Rules
Table of Contents
Filter
Expand All
|
Collapse All
Prisma Access Docs
Activation & Onboarding
Administration
Version
Prisma Access China
4.0 & Later
3.2 Preferred and Innovation
3.1 Preferred and Innovation
3.0 Preferred and Innovation
2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
5.2 Preferred and Innovation
5.1 Preferred and Innovation
5.0 Preferred and Innovation
4.2 Preferred
4.1 Preferred
4.0 Preferred
3.2 Preferred and Innovation
3.1 Preferred and Innovation
3.0 Preferred and Innovation
2.2 Preferred
Previous
Get User and Group Information Using the Cloud Identity Engine
Next
Populate User Group Names in Security Policy Rules Using the Cloud Identity Engine
Populate User and Group Names in Security Policy Rules
Retrieve User-ID group mapping for Prisma Access by configuring an on-premises firewall as a master device.
After you configure User-ID mapping in Prisma Access, you need to be able to retrieve the current username-to-user group information for mobile users and users at remote networks. While configuring
Group Mapping in the Cloud Identity Engine
performs username-to-user group mapping, those user groups are not selectable in security policy rules. You can populate the groups to allow them to be selected in security policy rule drop-down lists by either
configuring a next-generation firewall as a Master Device
or
configuring the Cloud Identity Engine
to do so. Alternatively, you can implement User-ID mapping in policies
using long-form Distinguished Name (DN) entries
.
Populate User Group Names in Security Policy Rules Using a Master Device
Populate User Group Names in Security Policy Rules Using the Cloud Identity Engine
Use Long-Form DN Entries to Implement User- and Group-Based Policy
Previous
Get User and Group Information Using the Cloud Identity Engine
Next
Populate User Group Names in Security Policy Rules Using the Cloud Identity Engine