This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

terminal Agent - session 0 "no need to handle"

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

terminal Agent - session 0 "no need to handle"

pkonitz
L2 Linker

‎08-06-2013 05:35 AM

hi all,

I've encauntered the issue with terminal agent mapping.

Everything is working fine for normal users using terminals but for local console Administrator it is pain in the a...

It seems that Terminal Agent is skipping this mapping (local console for session 0)

07/26/13 08:19:26[Debug 1273]: Session 0, name Console.


07/26/13 08:19:26[Debug 1282]: Session 0, username ad-kurzeja.


07/26/13 08:19:26[Debug 1296]: Session 0, domain name XP.


07/26/13 08:19:26[Info  1321]: str for username is XP\ad-user


07/26/13 08:19:26[Debug 1337]: Session 0, no need to handle.

however this user is mapped properly in AD logs so User-ID agent seem to see this mapping.

The problem is that normal terminal users when they logg in to the terminal and are mapped to IP:port range they are also seen in User-ID Agent mapping so current mapping is overwritten (for terminal server).

We can't use exlude list on USER-ID Agent cause console users won't be mapped at all. The problem could be solved if Terminal Agent was doing all the mappings (for remote users and console users). Can this be accomplished?

or maybe some scripts for API?

regards

Przemek

0 Likes Likes
2 REPLIES 2

mikand
L6 Presenter

‎08-11-2013 11:39 AM

What about creating a group policy which prohibts locally logged in user(s) to reach the network/internet?

Other than that I think you would need to use the regular userid to get a log of regular DC logins.

Sounds something you should contact the support with and then get back to this thread with the result Smiley Happy

0 Likes Likes

pkonitz
L2 Linker
In response to mikand

‎08-11-2013 10:54 PM

We opened the case and they did replicate the problem so I'm avaiting the result Smiley Happy

the problem is that this locally logged users should access the Internet but with the rights of Administrator Policy on PALO so either Terminal Agent or User Agent need to do the mapping of this user.

Meanwhile:

- terminal agent ignores console 0 - doesn't see the mapping

- user id agent does the mapping but whenever normal terminal user logs in, AD seems to create similar logs and user id agent overwrites this mapping

regards

Przemek

0 Likes Likes
  • 2731 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks