I have the User-ID agent on one of my domain controllers and I have the firewalls set to get the ID from that and it gets some ID's but doesnt seem to get all. So I thought maybe add active directory and exchange server monitoring.
But I get errors in the panorama sysem log that just say connect-server-monitor-failure I set the account to domain admn even to see if it was a permission issue and its still saying this. Is there any way in the PA to get a better error that will give me more detail about why exactly its failing to connect?
Is your UIA service actually being "ran as" a service account with rights to get logs from the DC? Does the UIA application have the correct service account ID/PW in the application? (BTW if you set the DC for the service account to have the right permissions on the DC that service account doesn't need to be a domain admin...and it's good security practice for it not to.)
If you follow the steps (step by step) on setting up UIA you shouldn't have any issues.
I have 4 UIAs in my environment. Have had them for the past 5 years and haven't run into a problem other than not having the right ID and PW.
Also make sure your UIA version is installed on the right OS platform.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!