USER-ID Agentless change its browsing methode?

Reply
Highlighted
L4 Transporter

USER-ID Agentless change its browsing methode?

Hello

I was a little surprise when I configured a user-id with active directory monitoring

I defined a specific user with all the right needed on the active directory like

user is part of the Distributed COM Users, Server Operators and Event Log Readers groups

the windows active directory is base on WIN2008 R2 only Event Log Readers groups is needed

but the result was the paloalto was not connected to the AD controler

and I looking for a while until I try to activave the WMI probing

I execute Run wmimgmt.msc (on the domain controller server) on the command prompt to open the console and modify the  properties

Select the Security tab of the WMI Control Properties and drill down to the CIMV2 folder. Select this folder and click the Security button. Add the service account

and check off both Enable Account and Remote Enable.

as describe their:

PANOS 5.0 User-ID Installation and configuration including integration guide with Microsoft NPS

In fact I have used this fonctionnality  for a while with admin account. and everything works

now I can used another kind of user but with wmi right access.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!