05-28-2020 03:46 PM
I have setup user-id mapping using the instruction here:
I have 2 servers with the user-id agent and 2 servers with the terminal server agent all set up and working. If I go into monitoring, i can see logs populating just fine and if I go into the cli and run
show user ip-user-mapping all
All the users show up mapped correctly.
Initially, we were trying to do user mapping by implementing User Mapping Using the PAN-OS Integrated User-ID Agent. We didn't like this solution and backed it all out. In the 2 weeks since, the only thing we did was upgrade the Pan-Os to version 9.0.8 and now when we run a commit, we intermittently receive the following error:
user-id-service is enabled, but no user-id-agent is configured for ntlm-auth
I think this may be left over from when we were trying to implement the integrated user-id agent. I have searched for a similar error but can't find anything close.
In the firewall, in device>user identification> user-ID agents, in the properties of the server, do I need to check the "Use for NTLM Authentication" check box since we are still using NTLM authentication to clear the error?
