Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-28-2017 11:33 AM
Hello,
I need your help with the following scene:
I have some machines with Windows 10 Operative System and I have detected a problem with the PA Firewall. The Firewall is not detecting the user (UIA), so the policy rules are denying the access.
Panos firewall: 7.1.4
User Id Agent version: 7.0.4-5
I have machines with Windows 7 SO and I don't have any navigation problem.
According to release information of 7.0.7-13 or earlier (User-ID Agent), the Windows 10 OS is not compatible. And the Release information of 8.0.0-42 does not specify whether W10 is supported or not.
Could anyone help me? Does anyone know if 8.0.0-42 User ID Agent or other version is compatible?
Thanks and regards,
COS
03-28-2017 03:33 AM
Hello all,
At the end, we disabled WMI and the problem was resolved. At the moment, we are working only with UIA and all devices working properly.
Thanks for your support.
Regards
02-28-2017 12:05 PM - edited 02-28-2017 12:10 PM
That's going to be a big deal for me...thanks for the heads up. My company is in the midst of upgrading all our clients to Win10.
--edit--
The OS compatibility is where the UIA itself can be loaded onto, not necessarily what OS of clients the UIA can detect.
I'd think as long as you're not changing the DC logs are being captured from it shouldn't be a problem.
Also, it might not be working (perhaps) if you were relying on WMI or NTLM querying of the end hosts?
02-28-2017 12:27 PM
Does anyone know what the timeline for 2016 AD server support is in UIA?
03-01-2017 05:22 AM
I'm a little confused by your post. I have probably about 6000-8000 Windows 10 Pro machines in my environment now, and we have no issues. We have Windows 2012 R2 as domain controllers and I have UserID Agent running on a Windows 2012 R2 server, and I have no problems detecting who is logged into my Windows 10 machines from the domain security logs.
03-01-2017 05:27 AM
Hi
And what firewall, PanOs version and UserId agent version do you have installed?
best regards
COS
03-01-2017 04:53 PM
I've been running this same setup for several years, but right now
UIA 7.0.7-13 running on Windows 2012 R2 Server against 2012 R2 domain controllers in 2012 R2 fuctional level.
5050's in Active/Standby running 7.0.14
5060's in Active/Standby running 7.0.14
03-02-2017 02:01 AM
Hi
I'm waiting for the end-customers answer. He used both ServerMonitoring and User-Id agent for user mapping, but didn't specified where the Windows10 users are mapped.
I'll kept you both informed. Thanks for your time
COS
03-02-2017 05:33 AM
I'll just throw in that I have a pretty good number of Windows 10 clients as well and I've not seen any issues getting the userids to come across.
03-02-2017 08:01 AM
I'm just using Windows server monitor and I don't do any types of client probing as I have 30,000+ machines and it's just not reasonable to probe that many machines. We have a mix of Windows 7, 8.1 and 10 machines and as long as they authenticate to the domain we have no issues reading the user mapping from the domain security logs.
When I originally set this up it didn't work because I was not auditing the proper events on my domain controllers and I had problems with the ID dropping and had to set the cache to 1 minute more than my Group Policy refresh time, so I have my cache set to 121 minutes as I notice when the GPO refreshes it trips an event in the security log.
03-28-2017 02:57 AM
This is question that needs a statement.
03-28-2017 03:33 AM
Hello all,
At the end, we disabled WMI and the problem was resolved. At the moment, we are working only with UIA and all devices working properly.
Thanks for your support.
Regards
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
