When using Palo Alto Networks VPN LDAP integration, here are the basic settings to configure authentication with JumpCloud’s hosted LDAP service:
Prerequisites:
See Using JumpCloud’s LDAP-as-a-Service to obtain the JumpCloud-specific settings required below.
LDAP Server Profile
Domain: ldap.jumpcloud.com
Type: other
Base: ou=Users,o=<your-organization-id>,dc=jumpcloud,dc=com
Bind DN: uid=<ldap-binding-user>,ou=Users,o=<your-organization-id>,dc=jumpcloud,dc=com
Bind & Confirm Bind Password: <ldap-binding-user’s-password>
Require SSL/TLS secured connection: Checked
Group Mapping
Group Objects
Search Filter: (blank)
Object Class: groupOfNames
Group Name: cn
Group Member: uid, member
User Objects
Search Filter: (blank)
Object Class: inetOrgPerson
User Name: uid
Mail Domains
Mail Attributes: mail
Authentication Profile
Type: LDAP
Login Attribute: uid
User Domain: jumpcloud.com
Username Modifier: %USERINPUT%
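A pre-flight check for the values above, added here as an example (it is not JumpCloud or Palo Alto Networks code): it binds as the LDAP binding user over TLS and runs the searches that the User Objects and Group Objects settings imply. It assumes OpenLDAP's ldapsearch is installed and that LDAPS is reachable on port 636; the script and function names are hypothetical.

```shell
#!/bin/sh
# Added example: confirm the bind account, Base and object classes before
# entering them in the firewall. Assumes OpenLDAP's ldapsearch.
# Usage: sh check_ldap.sh <organization-id> <ldap-binding-user> <test-login>

LDAP_URI="ldaps://ldap.jumpcloud.com:636"  # assumption: LDAPS on standard port 636

# Conservative allowlist for values spliced into a DN or filter: rejects empty
# input and metacharacters such as , = * ( ) \ so they cannot alter either one.
valid_rdn_value() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Builders for the Base, Bind DN and search filters listed in the settings.
users_base() { printf 'ou=Users,o=%s,dc=jumpcloud,dc=com' "$1"; }
bind_dn() { printf 'uid=%s,%s' "$1" "$(users_base "$2")"; }
user_filter() { printf '(&(objectClass=inetOrgPerson)(uid=%s))' "$1"; }
group_filter() { printf '(objectClass=groupOfNames)'; }

# Simple bind over TLS as the binding user, then search under Base.
# -W prompts for the password so it never appears in the process list.
search() {  # $1=org id  $2=bind user  $3=filter  $4...=attributes to return
    org=$1; user=$2; filter=$3; shift 3
    ldapsearch -x -LLL -H "$LDAP_URI" -o nettimeout=10 \
        -D "$(bind_dn "$user" "$org")" -W \
        -b "$(users_base "$org")" "$filter" "$@"
}

main() {
    for v in "$1" "$2" "$3"; do
        valid_rdn_value "$v" || { echo "rejected value: $v" >&2; return 2; }
    done
    echo "== User Objects: expect one entry with uid and mail =="
    search "$1" "$2" "$(user_filter "$3")" uid mail || return 1
    echo "== Group Objects: expect cn plus member values =="
    search "$1" "$2" "$(group_filter)" cn member
}

# Run only when all three arguments are given (password is prompted per search).
if [ "$#" -eq 3 ]; then main "$@"; fi
```

A TLS or bind failure here points at the server profile values (Domain, Bind DN, password); an empty result with a successful bind points at Base or the object classes.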
Ref: Configuring a Palo Alto Networks Firewall to use JumpCloud’s LDAP-as-a-Service