Newly Added Active Directory Users do not Appear on the Firewall

Newly Added Active Directory Users do not Appear on the Firewall

39735
Created On 09/25/18 19:20 PM - Last Updated 07/29/19 17:51 PM
User-ID
Resolution

Issue

Newly added active directory users do not appear on the firewall unless configuration changes are done to the User-ID agent and committed.

The new user also doesn't show when running the following command:

>show user group name "domain\group name"

 

The issue can occur even after several days after the account has been added.

 

Resolution

The user-id process needs to be refreshed/reset.

Follow commands below as a workaround.

>debug user-id refresh group-mapping <all/group-mapping-name <group mapping profile> >

 

If the above command does not list the user, run the additional two commands:

>debug user-id reset group-mapping <all/group-mapping-name <group mapping profile> >

>show user group name "domain\group name"

 

The user will get listed as a group member.

 

owner: ukhapre



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVtCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language