11-02-2021 02:13 AM - edited 11-02-2021 02:14 AM
Hello,
I'm using agentless user-id with a Windows Server 2012 AD through WMI, we recently updated the server, and it started throwing Authentication Error 10036 flooding our Windows logs. We've searched and troubleshooted the problem for a long time and nothing worked, the only workaround that we think might work is to change the authentication protocol from WMI to WinRM-HTTP. (We cannot roll back the update for vulnerability requirements)
We used this guide https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/user-id/map-ip-addresses-to-users/configur... to set up the configuration, and once we committed we're getting "Connection Refused(0)". The user-id logs are not specifying the error, just a "connection failed, error=0"
Likewise, we also troubleshooted everything, from the configs to the service account having the correct permissions as per Palo Alto's recommendation, and still.
Any ideas?
