IP to user mapping issues with Pan Agent

cancel
Showing results for 
Search instead for 
Did you mean: 

IP to user mapping issues with Pan Agent

Not applicable

We run McAfee which does some user authentication on AD for group policies. The problem is that when this happens, the ip to user mapping shows this service account as the user instead of the actual user that is logged in. The actual user is then unable to match on a specific rule and therefore gets the incorerct access.

Not sure if changing some timers will help???

Note: Netbios/WMI probing is disabled

1 ACCEPTED SOLUTION

Accepted Solutions

L4 Transporter

Hi There,

You need to have this user ignored in the User-ID Agent:

https://live.paloaltonetworks.com/docs/DOC-1116

Thanks

James

View solution in original post

3 REPLIES 3

L4 Transporter

Hi There,

You need to have this user ignored in the User-ID Agent:

https://live.paloaltonetworks.com/docs/DOC-1116

Thanks

James

View solution in original post

Thanks James

Is there any command, or something else that you can run, to confirm whether this is working after the file has been created? Should you restart any services?

Just to be on the safe side, you should restart the PAN-Agent service and reset the connection between the PAN device and the PAN-Agent.

> debug device-server reset pan-agent all

Traffic logs lacking the username in question would be indicative of it being resolved.

-Renato

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!