@JamshedDayar wrote:
Hi Brandon,
Let me clarify.
Currently we have UIA version 8 on our 2012 server which is working fine since ages, status on that for all DCs is connected. no issues
Now we are deploying a win 2019 server with newer version of UIA 10.2 but using the same service account thats being already used for 2012 deployment ( so permissions are not an issue imo as that one is working fine )
Now on the 2019 server, the UIA agent is running and connected, but on 3 DCs ( screenshot attached in 1st post ) , the status is stuck at connecting and after sometime it is Connecting ( Access is denied ).
We have followed the KB and all local permissions are also granted to service account on new server as well.
Hrmm...If you're saying you've followed all the steps and the service account is running the software, it's possible there could be some weird issue going on, but that likely will need a support case to truly discover.
That said my enviornment is a mix of 3200s, 3400s, and 5250s running 10.1.X and 10.2.X PAN-OS. I've got 4 UIAs targeting 100+ DCs and 1 credential agent. We're running UIA software version 10.1.0-21 and we don't have any issues monitoring 2019 DCs. Maybe try downgrading the UIAs to 10.1?
Where Can I Install the User-ID Agent?
https://docs.paloaltonetworks.com/compatibility-matrix/user-id-agent/where-can-i-install-the-user-id-agent#id8f750af3-799f-4546-8b9e-a44a23b5b5c0
Which Servers Can the User-ID Agent Monitor?
https://docs.paloaltonetworks.com/compatibility-matrix/user-id-agent/which-servers-can-the-user-id-agent-monitor#id48730da4-e269-4a3b-aeae-ea577c5c04ea
... View more