Category Archives: Palo Alto

How to obtain the Base DN or Bind DN Attributes from Active Directory

Basics of Active Directory: With LDAP syntax, the Bind DN, or the user authenticating to the LDAP directory, is derived by going up the tree starting at the user component. For example, the user user1 is contained in the Users container, under the example.com domain. The corresponding Bind DN will look like the following: CN=user1,CN=Users,DC=example,DC=com, but this will be…

Palo Alto: Configure Agentless User-ID

Configure the following on the Active Directory (AD) server and the Palo Alto Networks device: Create the service account in AD, which is utilized on the device. Be sure the user is part of the following groups:
– Distributed COM Users
– Event Log Readers
– Server Operators
Note: Domain Admin privileges are not required for…

Palo Alto: Create application override

Situation: You have an HTTP service running on a non-standard port and Palo Alto is blocking it.

Steps:
1. Define new application
2. Apply policy

Define new application
1. Go to Object→Applications→Add
2. From the Application window, fill in the necessary info as per the example below.

Apply policy
1. Go to Policy→Application Override→Add
2. Create new policy and…