I was a little surprise when I configured a user-id with active directory monitoring
I defined a specific user with all the right needed on the active directory like
user is part of the Distributed COM Users, Server Operators and Event Log Readers groups
the windows active directory is base on WIN2008 R2 only Event Log Readers groups is needed
but the result was the paloalto was not connected to the AD controler
and I looking for a while until I try to activave the WMI probing
I execute Run wmimgmt.msc (on the domain controller server) on the command prompt to open the console and modify the properties
Select the Security tab of the WMI Control Properties and drill down to the CIMV2 folder. Select this folder and click the Security button. Add the service account
and check off both Enable Account and Remote Enable.
as describe their:
In fact I have used this fonctionnality for a while with admin account. and everything works
now I can used another kind of user but with wmi right access.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!