Retrieve Group Mapping Using a Master Device or Long-Form DN Entries
Focus
Focus

Retrieve Group Mapping Using a Master Device or Long-Form DN Entries

Table of Contents

Retrieve Group Mapping Using a Master Device or Long-Form DN Entries

Retrieve User-ID group mapping for Prisma Access by configuring an on-premises firewall as a master device.
After you configure User-ID mapping in Prisma Access, you need to be able to retrieve the current username-to-user group information for mobile users and users at remote networks. If you don’t use the Directory Sync component of the Cloud Identity Engine to retrieve IP address-to-username and username-to-user group information, you can populate the groups to allow them to be selected in drop-down lists in security policies by adding one or more next-generation firewalls to your deployment and then designating the firewall as a Master Device. Alternatively, you can implement User-ID mapping in policies using long-form Distinguished Name (DN) entries.