Regarding response message of User-ID API

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Reply
tmyzw
L2 Linker

Regarding response message of User-ID API

Hello,

I found strange response message from user-id API on PAN-OS 5.0 while I was tweaking my user-id API tool.

Here is the XML message I sent to the firewall directory(not through dedicated user-id agent machine):

*******************************************

<uid-message><version>1.0</version><type>update</type><payload><login><entry name="test3" ip="1.1.1.1" timeout="1"><hip-report/></entry></login><logout/><groups><entry name="group1"><members><entry name="test3"/></members></entry></groups></payload></uid-message>

*******************************************

Response message from the firewall:

*******************************************

<response status="success"><result><![CDATA[

missing user-name.                  <------------------------------------!!!!!!!!!!!!!!!! what is this???

]]></result></response>

*******************************************

But user name was properly set into the firewall:

*******************************************

admin@PA-200> show user ip-user-mapping all

IP              Vsys   From    User                             IdleTimeout(s) MaxTimeout(s)

--------------- ------ ------- -------------------------------- -------------- -------------

1.1.1.1         vsys1  XMLAPI  test3                            59             59          

Total: 1 users

*******************************************

This isn't defect of my tool since doing with wget(mentioned in API Usage Guide). I also tried attaching domain name into username and group name. The firewall responded identical message in those cases.


It seems that logging and policy control are working properly so this might be a cosmetic issue. But what I want to know are:

- what does the message mean?

- any way to eliminate this?

If this message doesn't have to be cared, it's ok but I want to decide if this message can be ignored in developer's program kicking the API.

Thanks,

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!