This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
About cdwing
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About cdwing
03-24-2023
7Posts
0Likes
0Solutions
Mar 24, 2023Last Visited
User
Activity
User
Profile
Latest posts by cdwing
| Subject | Views | Posted |
|---|---|---|
| 993 | 01-31-2022 02:26 PM | |
| 1040 | 01-31-2022 12:18 PM | |
| 1791 | 08-04-2020 03:02 PM | |
| 988 | 10-11-2019 09:50 AM | |
| 2175 | 03-19-2019 05:27 PM |
User Badges
Community Statistics
| Member Since | 08-22-2017 07:52 AM |
| Date Last Visited | 03-24-2023 07:40 PM |
| Posts | 7 |
01-31-2022
02:26 PM
Interesting... I have an ID that is 40 characters, when you drop the domain (@zzz.com), that takes it to 32 and it works. I know that creating a local admin has the restriction of 31. We have an auth sequence that drops the original domain and then adds it back for login attempts to get around that CLI does not allow IDs with @ symbols.
... View more
01-31-2022
12:18 PM
We use TACACS+ server for admin authentication. Is there a limit on the length of an ID? I have one that is 40 characters (we use email IDs). Getting an auth-success log message for this user, but then a Critical "create-admin-acct-error" message: Failed to create local user account for admin user: <40 character email>
... View more
08-04-2020
03:02 PM
In trying to improve the security of our access to CSP, I enabled 2FA at an account level. In testing, it was not as configurable as I wanted, so I disabled it for the account. In attempting to disable it for my own account (as required after enable/disable for the account), my profile change is not saved. I will get the "changes saved" message, but when I re-access my profile it is still enabled. Is there some account level configuration that I am missing? I would really like to see external authentication services to be supported, still having to register the ID in the portal, but allow my company ID Management processes/tools to be used to revoke authentication on leaving the company, etc.
... View more
10-11-2019
09:50 AM
TACACS Server timeout currently has a max setting of 20 secs. We have implemented Duo MFA on our TACACS server and 20 secs is really tight for receiving and approving the push notification from Duo. Is there any way to override the max timeout? We prefer to control the MFA externally as we offer multiple methods through TACACS.
... View more
03-19-2019
05:27 PM
Still have not seen how to do this. Has anybody gotten TACACS authentication for CLI access working?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
03-24-2023
07:40 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks