Can someone please explain why the User-ID connects and disconnects immediately. I can see this happening under the system logs thereby this does not populate the source users under the traffic and url logs.
I tried looking up the knowledge base to understand this issue but was unsuccessful. I then even went through the whole process of configuring the User-ID agent, LDAP and User-ID on the firewall from the beginning.
The box is not in production at the moment as i was doing an Eval. It wasn't an issue, but out of interest and to seek knowledge posted it.
PANOS version 4.1.6 and User-ID agent 4.1.3-2. Unfortunately, I cannot get the debug log from the agent as the customer has uninstalled the agent. This was happening when the box was placed in VWire mode for evaluation and unfortunately I realized it after the unit was shipped back to me..!!!
It is unfortunate that we don't have access to the User-ID Agent logs, but not the end of the world. If the logs are still on the firewall, you can log into the cli and view the useridd.log for any errors that may point toward a cause of the frequent disconnects.
less mp-log useridd.log
This may provide more detail on the disconnects.
Here is simple question..
Where is the User-ID agent installed on?
If installed ON the Domain Controller itself.. it is not recommended.
Also, if installed ON a Windowd 2008 R2 server, that also is not supported, unless we have a 2008R2 client available.
It is recommended to install on a Windows 2003 server that can talk with the Domain controllers.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!