User Identification Agent Error Access Denied

This is the error I'm getting when I have runed a command

- less mp-log useridd.log

2025-05-12 13:56:46.879 +0530 Error: pan_user_id_win_wmic_log_query(pan_user_id_win.c:1688): log query for AD-Server failed: NTSTATUS: NT_STATUS_ACCESS_DENIED - Acces

Loading firewall context in CLI

Is there a way to load firewall context in Panorama CLI, similar to how we can load in GUI. 

Or is there a way to export in excel runtime stats/routes in GUI from virtual router.

False Positive: HelpDesk Viewer.

A false positive has been detected for HelpDeskViewer.exe. 

File Hash: <ec9eebf141d9f9a6bfc29b7de82f39a94286f05dcc85088d1c0d6e022fd76290>

Link to Virustotal report for the file: <https://www.virustotal.com/gui/file/ec9eebf141d9f9a6bfc29b7de82f39a94

Inquiry Regarding Conversion of Unused PCDRA Voucher

Hi, I would like to inquire if there’s any option to convert my PCDRA exam voucher into a voucher for a different but related certification exam.

I currently have a PCDRA voucher, but since the PCDRA exam appears to have been retired, I’m unsure how

To force NGFW login using SAML/SSO

Is it possible to use SAML/SSO login instead of manual credential username/password. 

Currently in the GUI page, we can either use manual credential / and SSO, but is it possible to force Admin to used SSO method instead.

How can I test a ldap server that is healthy or not？

Dear all

        We need to replace our old ldap server config to a new ldap server on PA firewall and panorama, I want to know if I add a new ldap server config on PA firewall and panorama, how can I test the healthy of the new ldap server? I try to

Packet Flow Sequence KB is Missing

Hello community,

There was a very good KB explaining the packet flow sequence on a Palo Alto firewall. It was an excellent resource both for study and tshooting because it contained a detailed list of steps on how the firewall processes the packet fro

Odd behavior around ISP Failover with Static Route Path Monitoring

Hi,

I had an unexpected situation occur recently with regards to failover behavior on static route path monitoring. We have 3 ISPs, and this past weekend 2 of them went down at different times (hooray). For the purposes of this post, I will be talkin

"-base" applications and how they relate to non-base applications

The term "base" makes this impossible to search for because "application-based" and "port-based" shwo up everywhere. I am not finding an answer in any documentation yet. So, please help me clarify. If I specify the application to be one with the suff

Multicast traffic on GP

Hey,

We have multicast traffic in the network. We recently deployed GP on our network and can't access the multicast streams. I heard GP doesn't support the multicast, but I also heard GP has a solution to support multicast. Any suggestions are hel

AZURE Entra MFA for admin access via CLI

We are easily able to setup MFA for the Web UI for the management port vial SAML and Entra SAML auth. We have run into some challenges I was surprised exist. First here are the requirements and goals

• PA VM series firewalls in  AZURE.
• No On prem AD, IS

Global Protect Virtual adapter not installed on ARM64 win 11 device

I am using the win11 device with qualcomm snapdragon 8 gen3rx ARM64 CPU.  But there is no virtual globalProtect adapter installed.

1. I have also tried out different versions of global Protect but none of this works GlobalProtect64-6.0.5 and  GlobalP

GlobalProtect Not Working on macOS (Sequoia 15.5)

Hi all,

I’m currently experiencing issues with GlobalProtect version 6.2.6-838 on a particular version of macOS. Interestingly, the same version of GlobalProtect works perfectly fine on macOS Sonoma, so the problem appears to be OS-specific—potential