No result from "show user pan-agent user-IDs" command

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

No result from "show user pan-agent user-IDs" command

Not applicable

Dear All,

   I just install pan-agent on my AD, windwos 2003 server, and configure PAN box to connect to this pan-agent. I can see traffic with user from AD server. I found result from command " show user ip-user-mapping all".  I can list group of AD with command " debug device-server dump user-group name".

  However after I run command "show user pan-agent user-IDs", it didn't return result. I found some misstake. I cann't control application usage with group name from AD on security policy. Moreover, after I add user on AD, PAN box didn't update list of new user from AD.

Thanks you,

TU

3 REPLIES 3

L4 Transporter

Hi,

Have you tried to click  Get all from the first page of the PAN agent console? Can you see any user to IP mapping there? How many domain controllers do you have? Have you put all the domain controllers on the list which is mandatory? Are you running the agent with privilege to read AD security log?

Hi,

   It's ok after I open PAN agent console and click get group as you guide me. Other question is I must open PAN agent console and click get group after I add new user into AD? It isn't make sense to do this thing. I must always open PAN agent console?

Thanks you

TU

Hi,

You don't need to do so. Have you tried to add a new user and use that account to logon any one of the PCs? PA needs to see the user in AD log in order to have user to IP mapping. Also, if that user logon through a DC which is not added to the PAN agent, we won't see the log as well.

  • 2032 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!