Manage Access to Monitored Servers
Perform the following tasks in the Server Monitoring section to manage access to the servers that the User-ID agent monitors for user mapping information.
Display server information
For each monitored server, the User Mapping page displays the Status of the connection from the User-ID agent to the server. After you Add a server, the firewall tries to connect to it. If the connection attempt is successful, the Server Monitoring section displays Connected in the Status column. If the firewall cannot connect, the Status column displays an error condition, such as Connection refused or Connection timeout.
For details on the other fields that the Server Monitoring section displays, see Configure Access to Monitored Servers.
To Configure Access to Monitored Servers, Add each server that the User-ID agent will monitor for user mapping information.
To remove a server from the user mapping process (discovery), select the server and Delete it.
Tip: To remove a server from discovery without deleting its configuration, edit the server entry and clear Enabled.
You can automatically Discover Microsoft Active Directory domain controllers using DNS. The firewall will discover domain controllers based on the domain name entered in the DeviceSetupManagement page, General Settings section, Domain field. After discovering a domain controller, the firewall creates an entry for it in the Server Monitoring list; you can then enable the server for monitoring.
The Discover feature works for domain controllers only, not Exchange servers or eDirectory servers.
Configure the Windows-Based User-ID Agent for User Mapping
Configure the Windows-Based User-ID Agent for User Mapping The Palo Alto Networks User-ID agent is a Windows service that connects to servers on your network—for ...
Monitor Servers Device > User Identification > User Mapping Use the Server Monitoring section to define the Microsoft Exchange Servers, Active Directory (AD) domain controllers, ...
Configure User Mapping Using the PAN-OS Integrated User-ID ...
Configure User Mapping Using the PAN-OS Integrated User-ID Agent The following procedure shows how to configure the PAN-OS integrated User-ID agent on the firewall for ...
Server Monitoring Device User Identification User Mapping Palo Alto Networks User-ID Agent Setup Server Monitor To enable the User-ID agent to map IP addresses to ...
Configure Access to Monitored Servers
Configure Access to Monitored Servers Use the Server Monitoring section to Add server profiles that specify the servers (up to 100) the firewall will monitor. ...
Configure User Mapping Using the Windows User-ID Agent
Configure User Mapping Using the Windows User-ID Agent In most cases, the majority of your network users will have logins to your monitored domain services. ...
Windows Log Forwarding and Global Catalog Servers
Windows Log Forwarding and Global Catalog Servers Because each User-ID agent can monitor up to 100 servers, the firewall needs multiple User-ID agents to monitor ...
Deploy User-ID for Numerous Mapping Information Sources
Deploy User-ID for Numerous Mapping Information Sources You can use Windows Log Forwarding and Global Catalog servers to simplify user mapping and group mapping in ...
Server Monitoring With server monitoring a User-ID agent—either a Windows-based agent running on a domain server in your network, or the integrated PAN-OS User-ID agent ...