Palo Alto Networks Knowledgebase: How to Add/Delete Users from Ignore User List using Agentless User-ID

How to Add/Delete Users from Ignore User List using Agentless User-ID

7837
Created On 09/25/18 19:30 PM - Last Updated 08/05/19 20:36 PM
User-ID
Resolution

Overview

This document describes the CLI commands that are used to add and delete users from the Ignore User List when using agentless User-ID.

Details

The example outputs in this document are in set format. To change the output format, use the set cli config-output-format command:

> set cli config-output-format set

Single VSYS

  • To add a user to an ignore list:

# set user-id-collector ignore-user [ domain_name\user_name ]

For example:

> configure

# set user-id-collector ignore-user [ AD2008\test ]

# commit

  • To add multiple users to an ignore list:

# set user-id-collector ignore-user [ domain_name\user1 domain_name\user2 domain_name\user3 ...]

  • To add single user, do not use the square brackets.

# set user-id-collector ignore-user domain_name\user1

  • To delete a user from the ignore list, use the following command:

# delete user-id-collector ignore-user domain_name\user8

Note: If square brackets were used to add a single user, an error will occur when attempting to delete that user.

For example:

# delete  user-id-collector ignore-user [AD2008\test]

Server error : Unable to get schema node for xpath /config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/user-id-collector/ignore-user/member[text()='[AD2008\test]']

  • To delete all users from the ignore-user list, use the following command:

> configure

# delete user-id-collector ignore-user

# commit

Note: Verify using the show | match ignore command:

# show | match ignore

[edit] 

Multiple VSYS

  • To add a user to an ignore list:

# set vsys vsys1 user-id-collector ignore-user [ domain_name\user_name ]

For example:

> configure

# set vsys vsys1 user-id-collector ignore-user [ AD2008\test ]

# commit


Verify the change:

# show | match ignore

set vsys vsys1 user-id-collector ignore-user AD2008\test

[edit] 

  • To append to an existing ignore-list:

# set vsys vsys1 user-id-collector ignore-user [ domain_name\user1 domain_name\user2 ]

  • To delete one entry

> configure

# delete vsys vsys1 user-id-collector ignore-user domain_name\user

# commit

Note: The following error will occur if multiple entries are specified. See example below:

# delete vsys vsys1 user-id-collector ignore-user [ AD2008\test1 AD2008\test2 ]

[ is not a valid token

Invalid syntax.

[edit] 

  • To delete all ignore-list entries from a vsys

# delete vsys vsys1 user-id-collector ignore-user

owner: jlunario



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZBCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language