05-23-2016 01:30 AM
Configured a new TS on palo alto and installed agent on the server. Already have 2 TS configured on the PA and running fine.This new server has 2 service accounts with both needing internet access. These are adsync and centrify service accounts. I can see mapping of the users who are logging to TS server but service accounts are having issues. centrify wasn't able to access internet. Will TS also map service accounts in the same way as user accounts. When stopped agent on the server and deleted TS config from PA200( PANOS-7.6) it was working again.
But i could see in user-ip mapping as if service accounts are knocking each other out as the mapping of ip to service account was changing between adsyn and centrify account. How could i get both service account working on the TS.
05-23-2016 01:57 AM
Hi
Service accounts get access to the stack at a different level than user accounts, this means the TSAgent will not be able to control source ports assigned to service accounts.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
