Eric U Ngabonziza

How to enable LDAP server in the Palo Alto firewall

LDAP (Lightweight Directory Access Protocol) is an application protocol used to locate data related to organizations, individuals and other resources such as files and devices in a network -- whether on the public internet or on a corporate intranet. LDAP is used in Microsoft's Active Directory (AD).

LDAP allows permissions to be customized on any object, and users can be members of multiple groups.

The directory can be replicated by adding domain controllers, and account lockout policy and password history features are available for security.

Follow the steps below to enable LDAP in the Palo Alto firewall:

STEP1: Open LDAP profile:

Select Device > Server Profiles > LDAP and click the Add button.

STEP2: Create LDAP Server profile:

Enter a Profile Name to identify the server profile;

Fill out the LDAP server IP address with port 636 (LDAP over SSL/TLS);

Select the server Type from the drop-down: active-directory;

Fill out the Base DN, bind DN and the password;

Select the SSL/TLS check box and click the OK button.

STEP3: Commit the configuration.
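As an added example (not part of the original post and not Palo Alto tooling), the Python check below reads an exported firewall configuration and reports any LDAP server profile that does not match STEP2: port 636, type active-directory, Base DN and bind DN filled in, SSL/TLS enabled. The XML element names, profile names and addresses are assumptions constructed for illustration; compare them with your own export before relying on the result.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the assumed shape of an exported configuration.
# Element names are assumptions; verify them against your own export.
SAMPLE_CONFIG = """
<config><shared><server-profile><ldap>
  <entry name="AD-LDAPS">
    <server><entry name="dc1"><address>192.0.2.10</address><port>636</port></entry></server>
    <ldap-type>active-directory</ldap-type>
    <base>DC=example,DC=com</base>
    <bind-dn>svc-fw@example.com</bind-dn>
    <ssl>yes</ssl>
  </entry>
  <entry name="AD-LEGACY">
    <server><entry name="dc2"><address>192.0.2.11</address><port>389</port></entry></server>
    <ldap-type>active-directory</ldap-type>
    <base>DC=example,DC=com</base>
    <bind-dn>svc-fw@example.com</bind-dn>
    <ssl>no</ssl>
  </entry>
</ldap></server-profile></shared></config>
"""

def audit_ldap_profiles(config_xml):
    """Return {profile name: [findings]} for every LDAP server profile."""
    root = ET.fromstring(config_xml)
    report = {}
    for profile in root.iterfind(".//server-profile/ldap/entry"):
        findings = []
        if profile.findtext("ssl") != "yes":
            findings.append("SSL/TLS not enabled")
        if profile.findtext("ldap-type") != "active-directory":
            findings.append("type is not active-directory")
        for field in ("base", "bind-dn"):
            if not (profile.findtext(field) or "").strip():
                findings.append(f"{field} is empty")
        servers = profile.findall("server/entry")
        if not servers:
            findings.append("no server defined")
        for srv in servers:
            port = srv.findtext("port") or "unset"
            if port != "636":
                findings.append(f"server {srv.get('name')} uses port {port}, not 636")
        report[profile.get("name")] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit_ldap_profiles(SAMPLE_CONFIG).items():
        print(name, "OK" if not findings else "; ".join(findings))
```

A profile with an empty findings list matches the settings from STEP2; anything else should be corrected in the LDAP server profile and committed again.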

Author: Eric Uwonkunda Ngabonziza
