Manage Access to User-ID Agents
Perform the following tasks for managing connections from the firewall to User-ID agents or redistribution points.
Display information / Refresh Connected
Select DeviceUser IdentificationUser-ID Agents or PanoramaUser Identification to see whether the firewall or Panorama is connected to each User-ID agent or redistribution point. The Connected column displays a green icon to indicate a successful connection, a yellow icon to indicate a disabled connection, and a red icon to indicate a failed connection. If you think the connection status might have changed since you first viewed status, Refresh Connected to update the status display.
For the other displayed fields, see Configure Access to User-ID Agents.
Add and then Configure Access to User-ID Agents.
To remove the configuration that enables the firewall to connect to a User-ID agent or redistribution point, Delete the agent or redistribution point.
To disable access to a User-ID agent or redistribution point without deleting its configuration, edit it and clear the Enabled option.
Custom Agent Sequence
If you enable User-ID agents to perform NT LAN Manager (NTLM) authentication on behalf of the firewall, then—by default—the firewall communicates with the agents in the order you add them from top to bottom (see how to Use for NTLM Authentication in Configure Access to User-ID Agents). To change the order of how the firewall communicates with agents, click Custom Agent Sequence, Add each agent, Move Up or Move Down agents to reposition them, and click OK.
Administrative roles with a minimum of read-only access can export the User-ID agent configuration table as PDF/CSV. You can apply filters to create more specific table configuration outputs for things such as audits. Only visible columns in the web interface will be exported. See Configuration Table Export.
Device > User Identification > Terminal Services Agents
Device > User Identification > Terminal Services Agents On a system that supports multiple users who share the same IP address, a Terminal Services (TS) ...
Device > User Identification > User-ID Agents
Device > User Identification > User-ID Agents To map usernames to IP addresses, User-ID agents monitor various sources, such as directory servers. The agents send ...
Configure Access to User-ID Agents
Configure Access to User-ID Agents Each firewall and Panorama management server can connect to a maximum of 100 User-ID agents or User-ID redistribution points (or ...
Redistribute User-ID Information to Managed Firewalls
Redistribute User-ID Information to Managed Firewalls To ensure all the firewalls that enforce policies and generate reports have the required IP address-to-username mappings and authentication ...
User-ID Redistribution Using Panorama
User-ID Redistribution Using Panorama One of the key benefits of the Palo Alto Networks firewall is that it can enforce policies and generate reports based ...
User-ID Agent Settings
User-ID Agent Settings Panorama > Managed Collectors > User-ID Agents A Dedicated Log Collector can receive user mappings from up to 100 User-ID agents. The ...
Configure User-ID Redistribution
Configure User-ID Redistribution Before you configure User-ID redistribution: Plan the redistribution architecture. Some factors to consider are: Which firewalls will enforce policies for all users ...
Firewall Deployment for User-ID Redistribution
Firewall Deployment for User-ID Redistribution To aggregate User-ID information, organize the redistribution sequence in layers, where each layer has one or more firewalls. In the ...
Install the Windows-Based User-ID Agent
Install the Windows-Based User-ID Agent The following procedure shows how to install the User-ID agent on a member server in the domain and set up ...