New Features Introduced for the Cloud Identity Agent

The following table provides a list of new features introduced for the Cloud Identity agent. Refer to the Cloud Identity Engine documentation for more information on how to use the Cloud Identity Engine.
The Directory Sync agent has been rebranded as the Cloud Identity agent to integrate with the Cloud Identity Engine.
Introduced In Agent Version
Agent support for on-premises OpenLDAP-based directory servers
The Cloud Identity agent now supports retrieval of directory attributes from on-premises OpenLDAP-based directory servers. For more information on how to configure the Cloud Identity agent to provide directory attributes to Prisma Access and other Palo Alto Networks apps, refer to the Cloud Identity Engine Getting Started guide.
Agent support for proxy connection
Many network configurations use a web proxy to secure internet-bound traffic. To provide support for this type of network configuration, the Cloud Identity agent now allows you to configure a proxy server IP address and port. This new capability allows you to use the Cloud Identity agent to collect attributes from an on-premises Active Directory through an explicit proxy connection.
Automatic Restart for Unexpected Shutdown
The behavior of the agent has been modified so that if the agent stops working unexpectedly, the agent restarts automatically. This behavior does not occur if the agent is stopped or closed manually.
Improved Handling for Lost Connections
The behavior of the agent has been modified so that if the agent becomes unresponsive during a sync (for example, if a connection drops), the agent recovers gracefully.
Improved Logging for Errors and Query Messages
The agent now logs the
commands that the Active Directory receives and provides more detailed error messages for improved troubleshooting.
NetBIOS Validation During Connectivity Test
The agent now validates the NetBIOS name based on the domain you configure when you check connectivity with the Active Directory.
TLS Security Enhancement
To strengthen the security of the Cloud Identity agent, the agent now uses the highest TLS version available on the host by default.

Recommended For You