https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1231860#M28 <P>Does anyone have a step by step guide of setting up a User Id agent on a DC, mapping Ip to users and redistributing this data in Strata Cloud Manager. Currently, the User ID agent is pulling data from the servers and has IP-User entries. However, only mobile users are being mapped in the Firewall logs in Strata.&nbsp;</P> <P>Also, the user Id agent does not show that it is connected to any devices i.e Prisma/Firewall.</P> Tue, 17 Jun 2025 02:49:28 GMT T.OluOjo 2025-06-17T02:49:28Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1231860#M28 <P>Does anyone have a step by step guide of setting up a User Id agent on a DC, mapping Ip to users and redistributing this data in Strata Cloud Manager. Currently, the User ID agent is pulling data from the servers and has IP-User entries. However, only mobile users are being mapped in the Firewall logs in Strata.&nbsp;</P> <P>Also, the user Id agent does not show that it is connected to any devices i.e Prisma/Firewall.</P> Tue, 17 Jun 2025 02:49:28 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1231860#M28 T.OluOjo 2025-06-17T02:49:28Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236010#M44 <P>I think this is what you are looking for&nbsp;<A href="https://docs.paloaltonetworks.com/strata-cloud-manager/getting-started/manage-configuration-ngfw-and-prisma-access/identity-services/identity-redistribution" target="_blank">Manage: Identity Redistribution</A></P> Thu, 14 Aug 2025 13:59:49 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236010#M44 ErnestoM 2025-08-14T13:59:49Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236035#M47 <P>Thank you for the link. Yes, that document indeed helped. I will add the full workflow in this thread for anyone who may also need it.&nbsp;</P> Fri, 15 Aug 2025 00:24:51 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236035#M47 T.OluOjo 2025-08-15T00:24:51Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236037#M48 <P>The workflow in my SD WAN environment for anyone who may need.&nbsp;</P> <P>1. Install Windows User-ID agent on server to collect auth logs from DCs/IDPs. See&nbsp;Step-by-Step Palo Alto Windows User-ID Agent Setup Guide [2024] by NetSums on YT&nbsp;<A href="https://www.youtube.com/watch?v=TEXU5LI72t4&amp;t=1209s" target="_blank">Step-by-Step Palo Alto Windows User-ID Agent Setup Guide [2024]</A></P> <P>2. Virtual FW required per Palo documentation. Deploy VM <A href="https://docs.paloaltonetworks.com/vm-series/10-1/vm-series-deployment" target="_blank">VM-Series Deployment Guide.</A>&nbsp;and configure the Windows User-ID agent as a Data Redistribution agent in the PA-VM&nbsp;</P> <P>3. Ensure Security policies exist on PA VM to allow communication between PA-VM and Windows User-Id agent. (Server end also needed a firewall rule in my case to allow connections on Port 5007).&nbsp;Monitor&gt;&gt;User-ID on PA VM should be populated afterwards.&nbsp;</P> <P>4. Use existing or create a new SC per&nbsp;<A href="https://docs.paloaltonetworks.com/strata-cloud-manager/getting-started/manage-configuration-ngfw-and-prisma-access/identity-services/identity-redistribution" target="_self">Manage Identity</A>. Depending on your end goal, add the PA-VM as a redistribution agent sending to RN or SC nodes.</P> <P>5. If configured correctly,&nbsp; Device&gt;Data redistribution&gt;&gt;Clients&nbsp;on PA-VM will be populated with the EBGP router address of the SC. Firewall/User-id logs in Strata will also reflect the PA-VM as the Mapping Data Source.</P> <P>&nbsp;</P> <P><span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 15 Aug 2025 00:46:23 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236037#M48 T.OluOjo 2025-08-15T00:46:23Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236713#M55 <P>HI T.</P> <P>In all honesty start as soon as possible to use Cloud identity Engine as a replacement, it is so much easier to deploy (free) and manage, and it also uses much fewer firewall and network resources, this can slowly be integrated into your existing environment without causing any disruption as can be run during migration in parallel with legacy User_ID, its really a no brainer and i no longer even consider using User-ID</P> Tue, 26 Aug 2025 11:48:34 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236713#M55 GabrielBryson 2025-08-26T11:48:34Z https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236912#M56 <P>Thanks for the recommendation, Gabriel. I will look into the CIE and see how we go with that. If you do have any useful links/docos please feel free to share them. Thanks!</P> Fri, 29 Aug 2025 00:07:16 GMT https://live.paloaltonetworks.com/t5/strata-cloud-manager/user-id-mapping-redistribution-both-in-strata-and-on-a-windows/m-p/1236912#M56 T.OluOjo 2025-08-29T00:07:16Z