4 AD servers and only one shows as Connected user-id agentless

L1 Bithead

Hello team,

We have this new setup for group mapping with 4 AD servers. We already set up everything, and we can see all user activity in user monitoring. However, in the section related to server monitoring, the status only shows one server connected. We followed the KB: https://knowledgebase.paloaltonetworks.com/KCArticleDetail?id=kA10g000000ClaICAS to validate the configuration on the ADs for the user, and we are fine with this. We are running PAN-OS 8.1.9 in this scenario.

Are we facing a bug as the reason why we don't see all 4 ADs with a status of connected?

Please let me know your comments.

cordially

jose

If you try the best you can
the best you can is good enough
L7 Applicator

@JoseEspinoza,

This isn't any of the known bugs associated with 8.1.9. You should see all the AD servers as connected as long as they've all actually been configured properly. Verify that your system admins haven't only added the proper permissions on the one AD server. 

L1 Bithead

Hi there,

As I said before, all 4 AD servers have the same user configuration and permissions for this setup; the issue is that only one appears as connected.

cordially

jose

If you try the best you can
the best you can is good enough
L1 Bithead

Hi,

Below is the log from the PA:

2019-10-16 07:48:35.172 -0600 Error: pan_user_id_win_log_query(pan_user_id_win.c:1364): log query for SRPRDC03 failed: NTSTATUS: NT code 0x80041003 - NT code 0x80041003

2019-10-16 07:48:35.172 -0600 Error: pan_user_id_win_get_error_status(pan_user_id_win.c:1055): WMIC message from server SRPRDC03: NTSTATUS: NT code 0x80041003 - NT code 0x80041003

cordially

jose

If you try the best you can
the best you can is good enough
L7 Applicator

@JoseEspinoza,

The error you are receiving is a permissions error. Again, verify that you actually have permissions set correctly. The error message you posted is saying they aren't.
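
As an added example (not part of the original thread and not Palo Alto Networks code), this script groups User-ID log lines like the ones posted above by server and maps each NT code to its standard Windows HRESULT name, so access-denied failures such as 0x80041003 (WBEM_E_ACCESS_DENIED) are separated from connectivity failures. The DC-EXAMPLE02 line and the category labels are constructed for illustration.

```python
import re
from collections import defaultdict

# Standard Windows HRESULT values returned on WMI queries (not PAN-OS specific).
# The category strings are labels chosen for this example.
HRESULTS = {
    0x80041003: ("WBEM_E_ACCESS_DENIED", "permissions"),
    0x80070005: ("E_ACCESSDENIED", "permissions"),
    0x800706BA: ("RPC_S_SERVER_UNAVAILABLE", "connectivity"),
    0x8004100E: ("WBEM_E_INVALID_NAMESPACE", "configuration"),
}

# Matches both message shapes seen in the thread's log excerpt.
LINE_RE = re.compile(
    r"(?:log query for|message from server) (?P<server>[^\s:]+)"
    r".*?NT code (?P<code>0x[0-9A-Fa-f]{8})"
)

def triage(log_lines):
    """Return {server: {(hresult_name, category), ...}} for failed WMI queries."""
    findings = defaultdict(set)
    for line in log_lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not a server-monitor WMI error line
        code = int(m.group("code"), 16)
        findings[m.group("server")].add(
            HRESULTS.get(code, (m.group("code"), "unknown")))
    return dict(findings)

def servers_needing_permission_fix(log_lines):
    """Servers whose failures are access-denied: check the account's rights there."""
    return sorted(s for s, hits in triage(log_lines).items()
                  if any(cat == "permissions" for _, cat in hits))

SAMPLE = [
    # First two lines are from the thread; the third is constructed.
    "2019-10-16 07:48:35.172 -0600 Error: pan_user_id_win_log_query(pan_user_id_win.c:1364): log query for SRPRDC03 failed: NTSTATUS: NT code 0x80041003 - NT code 0x80041003",
    "2019-10-16 07:48:35.172 -0600 Error: pan_user_id_win_get_error_status(pan_user_id_win.c:1055): WMIC message from server SRPRDC03: NTSTATUS: NT code 0x80041003 - NT code 0x80041003",
    "2019-10-16 07:48:36.001 -0600 Error: pan_user_id_win_log_query(pan_user_id_win.c:1364): log query for DC-EXAMPLE02 failed: NTSTATUS: NT code 0x800706BA - NT code 0x800706BA",
]

if __name__ == "__main__":
    for server, hits in sorted(triage(SAMPLE).items()):
        for name, category in sorted(hits):
            print(f"{server}: {name} ({category})")
    print("fix permissions on:", servers_needing_permission_fix(SAMPLE))
```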

L1 Bithead

Yes, we found that the admin of the AD server had not set up the other 3 servers properly; he configured just one.

Now all of them show their status as CONNECTED.

Thank you

If you try the best you can
the best you can is good enough