General troubleshooting information for Portnox Cloud integrations

In this topic, you will find frequently asked questions, answers, and troubleshooting tips related to Portnox™ Cloud integrations with third-party solutions.

What user information does Portnox Cloud read from authentication repositories?

When integrating with an authentication repository, Portnox Cloud reads the following user information for all supported repository types:

• User ID
• User name
• Distinguished name
• Email address
• Status (active or inactive)
• Password status (whether a reset is required)
• Group membership

Note: This information is necessary for Portnox Cloud to enforce access policies, assign users to groups, and track authentication activity.

When mapping an Active Directory (AD) group to a Portnox Cloud group, are users in subgroups also mapped?

Yes, all users in all subgroups at any level are automatically mapped if the parent AD group is mapped to a Portnox Cloud group.

For example, consider the following structure:

main_group
|
+--- subgroup
|       |
|      +--- user_2
|
+--- user_1                    

If you map main_group to a Portnox Cloud group, both user_1 and user_2 are mapped, even though user_2 belongs to a subgroup that was not explicitly mapped.

You have a third-party security solution and you want to send information to this solution about user logins through Portnox Cloud, including user names and local IP addresses. How can you send such information to a third-party solution?

1. To be able to receive information about local IP addresses in Portnox Cloud, your NAS devices must be configured to use a local RADIUS server. If they use the cloud RADIUS servers, you will not be able to obtain local IP addresses. Deploy a local RADIUS server and configure it in your NAS devices.

   Related guides:

   • Run the local RADIUS server in a container or Set up a local RADIUS server using a virtual machine

   • Configure Ethernet devices to work with Portnox Cloud or Configure wireless devices to work with Portnox Cloud

2. Integrate your Portnox Cloud with an on-premises SIEM solution that includes a syslog listener. You will send Portnox Cloud alerts to this on premises solution, so that you can parse the syslog and deliver suitable information to your third-party security solution.

   Related guides:

   • Integrate with NXLog

   • Integrate with Kiwi Syslog Server

3. Consult your syslog collector documentation and your third-party security solution documentation on how to send information from your on-premises syslog to your security solution.