Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working. We did not have any issues prior to upgrading to 10.0.x. Has anyone else noticed this issue? We upgraded our user-id agent to 10.0.3-10 (latest version) at the same time. We have a support ticket open, but have yet to find a solution.
Appears to be a problem with the user-id agent and UPN format. If I add the sAMAccountName and UPN format for an account to the ignore_user_list, it gets ignored. We didn't have to have the UPN prior to the 10.0.x user-id agents. We also have some domain\account* entries... I tried firstname.lastname@example.org but that doesn't seem to work. So I've updated my TAC case to see if they can assist. Not sure if this is a bug or configuration issue, though there's very limited config options for the UID agents.
Just posting in case someone else has this issue also!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!