I configured the Base name and bind name properly but we facing the following error in putty “pan_user_id_win_get_error_status(pan_user_id_win.c:1130): WMIC message from server AD-Monitor: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied” and “pan_user_id_win_wmic_log_query(pan_user_id_win.c:1439): log query for AD-Monitor failed: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied”
I presume that you use the build-in User-ID agent. This normally happens, when you have not added the AD account used by the firewall to account with rights to read the WMIC address space.
You need to repeat it on each monitored server:
Still Same issue (Access Denied)
2019-05-01 08:59:20.280 +0530 Error: pan_user_id_win_wmic_sess_query(pan_user_id_win.c:1588): session query for 192.168.0.212 failed: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied
I have integrate one more firewall with server 2008, that is working fine,
The above error i am getting from firewall after running this command (less mp-log useridd.log), integration with server 2012 r2
I have two problems:
2021-11-18 12:18:06.656 -0600 Error: pan_user_id_win_wmic_sess_query(pan_user_id_win.c:1748): session query for USER-ID failed: NTSTATUS: NT code 0x80041003 - NT code 0x80041003
2021-11-18 12:18:06.656 -0600 Error: pan_user_id_win_get_error_status(pan_user_id_win.c:1275): WMIC message from server USER-ID: NTSTATUS: NT code 0x80041003 - NT code 0x80041003
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!