I am trying to configure PANOS(10.1.8) Integrated UserID with Wndows AD 2016 (with Kerberos).
I am getting "Access Denied" status under User Mapping --Server Monitoring
I have validated that user is part of below security groups on AD
Distributed COM Users
Event Log Readers
Remote Management Users
I see below logs
Error: pan_user_id_winrm_query(pan_user_id_win.c:2751): failed to connect to winrm server XXXXXX in vsys 1 Error: pan_user_id_winrm_error(pan_user_id_win.c:2644): HTTP 500: s:Senderw:AccessDeniedAccess is denied. Access is denied. Error: pan_user_id_winrm_query(pan_user_id_win.c:2795): Connection failed. response code = 500, error: (null) in vsys 1, server=XXXXXX
Reffered below KB Articles/ links but could not get through.
Any inputs will be appreciated.
... View more