Configuring the User-ID Agent with NetBIOS Disabled

Configuring the User-ID Agent with NetBIOS Disabled

17850
Created On 09/25/18 18:01 PM - Last Modified 06/09/23 03:12 AM


Resolution


The User-ID software reads user and group information from an Active Directory server and forwards the learned information to a Palo Alto Networks firewall to allow using domain user and group-based policies.

 

This document covers the configuration required when NetBIOS probing is disabled. Disabling the NetBIOS probing option is recommended when the workstations are not allowing remote netBIOS probes.

 

To disable NetBIOS probes, follow these steps:

  • Setup > Edit > Client Probing > Enable NetBIOS Probing (uncheck)
    Setup > Edit > Cache > User Identification Timeout (720)

 

The recommended timeout setting is a time equal to or longer than the domain timeout. The default windows domain idle timeout is 8 hrs. Set the timeout to 8 hours or longer.

image.png

image.png

 

After making the changes, click ‘OK’ to continue.

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClN0CAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language