unfortunately i did not find something that will work in our case.
We don't want to disable AgentLess UserID nor to perform the reg hacks for DCOM access.
WinRM-HTTPS with Kerberos should have been working natively according to PaloAlto.
There is something else messing which i cannot find it.
... View more