Newly Added Active Directory Users do not Appear on the Firewall

Newly Added Active Directory Users do not Appear on the Firewall

115680
Created On 09/25/18 19:20 PM - Last Modified 06/09/23 06:12 AM


Resolution


Issue

Newly added active directory users do not appear on the firewall unless configuration changes are done to the User-ID agent and committed.

The new user also doesn't show when running the following command:

>show user group name "domain\group name"

 

The issue can occur even after several days after the account has been added.

 

Resolution

The user-id process needs to be refreshed/reset.

Follow commands below as a workaround.

>debug user-id refresh group-mapping <all/group-mapping-name <group mapping profile> >

 

If the above command does not list the user, run the additional two commands:

>debug user-id reset group-mapping <all/group-mapping-name <group mapping profile> >

>show user group name "domain\group name"

 

The user will get listed as a group member.

 

owner: ukhapre
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVtCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language