How to Ignore Users in User-ID

How to Ignore Users in User-ID

37231
Created On 09/25/18 20:40 PM - Last Updated 07/29/19 17:51 PM


Resolution

Overview

When using the User-ID Agent to identify users on the network, there is a way to ignore certain users. Generally, this is used for service accounts, but any desired username can be entered.

 

Steps

  1. Stop the User-ID service
  2. Modify/create a file ignore_user_list.txt in the directory where User-ID Agent is installed.
    • This file will contain all the users to be ignored.
    • The format of the file needs to be one username on each line.
      Note: It is sometimes required to have two entries for each username, the normal username and the username with netbios name.
      • user1
      • mydomain\user1
  3. Start the User-ID service.

 

Starting from PAN-OS 7.1 the ignore user list can also be configured for the Agentless User-ID through the WebUI

2016-09-30_16-12-38.png

 

See also

 

How to Add/Delete Users from Ignore User List using Agentless User-ID

 

owner: sspringer



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClklCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language