06-02-2013 07:46 PM
Hi!
We are currently using a PA500 appliance using User ID Agent on Windows Server 2008 R2.
My profile account (ex. super_user) is exempted to all which means I have no restrictions in accessing any websites.
Apparently, when I RDP our servers I have to login as our admin account (ex. adm_user). After my activity on our servers, I closed RDP and go back to my internet activities but apparently Palo Alto validates my login as adm_user and not super_user anymore.
06-03-2013 12:11 AM
That's expected behavior with the current implementation of User-ID. If you logoff logon from your locl machine, User-ID will pick up your correct user name again.
06-03-2013 12:11 AM
That's expected behavior with the current implementation of User-ID. If you logoff logon from your locl machine, User-ID will pick up your correct user name again.
06-03-2013 02:11 AM
A workaround is to add adm_user to the exclude list (that is use a dedicated account for RDP (that means you got two accounts - one to login with and the other to use for RDP)) in the PAN-agent. This way the PAN-agent will ignore adm_user when it login through RDP.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
