USEFUL CLI COMMANDS FOR TROUBLESHOOTING USER-ID AGENT
USEFUL CLI COMMANDS FOR TROUBLESHOOTING USER-ID AGENT 175903 Created On 09/25/18 18:50 PM - Last Modified 04/20/20 21:49 PM Resolution This document aims to familiarizes users and admins to the CLI commands (on PAN-OS 8.0) relevant to User-ID agent running on Windows server. Check for agent To check if the agent is connected and operational: admin@anuragFW> show user user-id-agent statistics Name Host Port Vsys State Ver Usage --------------------------------------------------------------------------- LAB_UIA 10.21.56.14 5007 vsys1 conn:idle 5 Usage: 'P': LDAP Proxy, 'N': NTLM AUTH, 'C': Credential Enforcement A state of 'conn:idle' indicates the connected state. Usage would show blank if the User-ID agent is only furnishing user-ip mappings and no other services such as LDAP proxy, NTLM auth or credential enforcement. Check for details of connection To see the details of the ...