04-22-2025 12:00 AM
We have firewall managed by Panorama and have used security group from Active Directory in the polices.
Want to know where do we check ( panorama or the firewall) the list of groups seen by the firewall and list of users in a group.
And also want to know the cmd for manual sync and do we need to run it on Panorama or Firewall.
04-22-2025 09:04 AM
Got a ticket open as per TAC we need to run the command on the firewall.
04-22-2025 01:49 AM
Hi @fkizhuvara ,
Please refer the below kb for your reference and User id information should be checked at firewall.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRyCAK
04-22-2025 03:25 AM
That KB is for User ID agent setup, not what I am looking for.
Below command works on the firewall but not on Panorama.
show user group list
this will display user groups known to the firewall
show user group name " cn of group listed from above (use quotes if you have spaces)"
this will list all known members of that group
04-22-2025 03:27 AM
That KB is for User ID agent setup, not what I am looking for.
Below command works on the firewall but not on Panorama.
show user group list
this will display user groups known to the firewall
show user group name " cn of group listed from above (use quotes if you have spaces)"
this will list all known members of that group
04-22-2025 09:04 AM
Got a ticket open as per TAC we need to run the command on the firewall.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
