02-04-2016 07:19 AM
I have a pa 3020 running 6.0.8 doing LDAP lookups to multiple edir servers,
I have many users that PA shows as unknown but when I look on the server I see they are logged in x.x.x.x
Why does this work for some but not all?
I have done the following:
debug user-id refresh user-id agent all
debug software restart user-id
show user server-monitor state CHS1 (which shows it connected 2 seconds ago)
Thanks
Tom
02-04-2016 09:20 AM
Unknown comes when you have enable the user identificate on the zone but firewall doesn't have the user-ip mapping for the ip address.
Have you configured agentless or agent configuration for user-ip mapping. Make sure you add all the domain controller. Check if you have configured any Included/Exclude list or not.
Hope this helps.
02-08-2016 06:29 AM
Make sure the user name which you are using have proper permission to read the log events
Try using admin name and credentials to see if that make any change ( if you are not usning admin user )
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
