Mobile Access and Endpoint clients LDAP nested groups are not enforced correctly

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk107472
Technical Level
Product	Mobile Access / SSL VPN
Version	All
OS	Gaia
Platform / Model	All
Date Created	09-Sep-2015
Last Modified	29-Jun-2021

Symptoms

Mobile Access and Endpoint clients LDAP groups are incorrectly enforced when users are located in a nested group.
Endpoint users are not matching rules when the source is an LDAP group.

Solution

No fix is required; the system is functioning as designed.

By design, authentication for users located in a nested group is not supported for Mobile Access and VPN.

As a workaround, configure a dedicated LDAP group

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating