Is it possible to configure Agent User ID or Firewall or not to map a user?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Is it possible to configure Agent User ID or Firewall or not to map a user?

L2 Linker

Hello everyone,

I have a communication tool on each PC users that perform LDAP queries to my AD to retrieve information from other users.

This tool is using the same account (\ ccm), explain how to Palo Alto or rather the agent does not back this user?

The current problem is that in my logs all IPs of my users are raised with In User \ ccm name.

Thank you very much for your help.

6 REPLIES 6

L6 Presenter

If your intention is to ignore a user from being mapped, please create an 'ignore_user_list.txt' file within the install directory for UID. Add the user in question similar to what I've done.

5-29-2013 6-12-39 AM.png

Restart the UID service and confirm you are no longer mapping that service account.

By the way, how come these settings arent available through the gui of the pan-agent?

And how do you put in this blacklist if you use the builtin pan-agent of a PANOS 5.x box (instead of a standalone)?

Thanks! 🙂

And what about why this isnt available through the gui of the pan-agent?

Hard to answer that Smiley Happy

maybe there is a feature request for this...maybe it is hard to do for them.(code handicap or something)

A simple workaround for the coders would be to at least create this as a menu option or a button somewhere in the gui which will open the textfile (and create it if it doesnt exist) through default app for .txt files.

  • 3681 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!