10-09-2021 12:52 PM
10-12-2021 07:36 AM
Hellooo, No Ideas so far ?!
10-12-2021 06:29 PM
Hello @MRamadanAHafiez ,
Most likely the format of the username does not match. Do you have a username or group in the security policy rule that allows access to your resources? You can verify the format of the username via the monitor tab, but I prefer CLI.
Use "show user ip-user-mapping all" to verify active username format.
Use "show user group name [group]" to verify username format needed to match group.
This doc will have the fix most of the time -> https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-new-features/user-id-features/support-for-multip....
Thanks,
Tom
10-12-2021 11:16 PM
Hello @TomYoung
Thank you for your reply.
I will check the link you've provided.
Firstly , yes I have policies based on users and groups that we are talking about.
Secondly, I have checked traffic logs and when the user-id field is mydomain\username then I know everything will be as expected but whenever it comes username only I know it won't work as expected.
Adding: a Cisco Duo is must to have client connected by GlobalProtect.
I will check the link it might help.
10-14-2021 03:59 AM - edited 10-14-2021 04:12 AM
Hello,
So far and after checking many times it seems this issue occures due to GlobalProtect client fail-over the windows account and it was allowed to use windows SSO "YES" now we set it to "NO" and waiting the final result.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
