Cloud Identity Engine Release Notes
    : New Features Introduced for the Cloud Identity Agent
    Focus
    Download PDF
    Focus
    1. Home
    2. Cloud Identity
    3. Cloud Identity Engine Release Notes
    4. Welcome to the Cloud Identity Engine
    5. New Features Introduced for the Cloud Identity Agent
    Download PDF

    Cloud Identity Engine Release Notes

    New Features Introduced for the Cloud Identity Agent

    Table of Contents

    New Features Introduced for the Cloud Identity Agent

    The following table provides a list of new features introduced for the Cloud Identity agent. Refer to the Cloud Identity Engine documentation for more information on how to use the Cloud Identity Engine.
    The Directory Sync agent has been rebranded as the Cloud Identity agent to integrate with the Cloud Identity Engine.
    FeatureDescriptionIntroduced In Agent Version
    Agent Bind DN Password Rotation
    For additional security, you can now update the bind password for the agent at regular intervals (also known as password rotation).
    To further automate this process, you can create a script to enter the command instead of manually updating the configuration. For more information, refer to the last step in Configure the Cloud Identity Agent.
    		1.8.2
    Cloud Identity agent support for Windows Server 2022The Cloud Identity agent now supports Windows Server 2022 as an agent host. For more information on how to install the Cloud Identity agent, refer to the Cloud Identity Engine Getting Started guide. 1.8.1
    Base DN Requirement for OpenLDAP directory serversThe Cloud Identity agent now requires the base Distinguished Name (Base DN) for OpenLDAP directory servers to ensure successful directory search completion. 1.8.1
    Agent support for on-premises OpenLDAP-based directory serversThe Cloud Identity agent now supports retrieval of directory attributes from on-premises OpenLDAP-based directory servers. For more information on how to configure the Cloud Identity agent to provide directory attributes to Prisma Access and other Palo Alto Networks apps, refer to the Cloud Identity Engine Getting Started guide.1.8.0
    Agent support for proxy connectionMany network configurations use a web proxy to secure internet-bound traffic. To provide support for this type of network configuration, the Cloud Identity agent now allows you to configure a proxy server IP address and port. This new capability allows you to use the Cloud Identity agent to collect attributes from an on-premises Active Directory through an explicit proxy connection. 1.7.1
    Automatic Restart for Unexpected ShutdownThe behavior of the agent has been modified so that if the agent stops working unexpectedly, the agent restarts automatically. This behavior does not occur if the agent is stopped or closed manually. 1.7.0
    Improved Handling for Lost ConnectionsThe behavior of the agent has been modified so that if the agent becomes unresponsive during a sync (for example, if a connection drops), the agent recovers gracefully. 1.7.0
    Improved Logging for Errors and Query Messages The agent now logs the ldap_search commands that the Active Directory receives and provides more detailed error messages for improved troubleshooting. 1.7.0
    NetBIOS Validation During Connectivity Test The agent now validates the NetBIOS name based on the domain you configure when you check connectivity with the Active Directory. 1.7.0
    TLS Security EnhancementTo strengthen the security of the Cloud Identity agent, the agent now uses the highest TLS version available on the host by default. 1.7.0

    © 2025 Palo Alto Networks, Inc. All rights reserved.