user to ip mapping with LDAP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

user to ip mapping with LDAP

L0 Member

I have a pa 3020 running 6.0.8 doing LDAP lookups to multiple edir servers,

 

I have many users that PA shows as unknown but when I look on the server I see they are logged in x.x.x.x

Why does this work for some but not all?

 

I have done the following:

debug user-id refresh user-id agent all

debug software restart user-id

show user server-monitor state CHS1 (which shows it connected 2 seconds ago)

 

Thanks

Tom

2 REPLIES 2

L5 Sessionator

Unknown comes when you have enable the user identificate on the zone but firewall doesn't have the user-ip mapping for the ip address.

 

Have you configured agentless or agent configuration for user-ip mapping. Make sure you add all the domain controller. Check if you have configured any Included/Exclude list or not.

 

Hope this helps.

L3 Networker

Make sure the user  name which   you are using have proper permission  to read the log events

 

Try using admin name and credentials to see if that make any change ( if you are not usning admin user ) 

  • 1720 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!