Cloud Identity Engine (CIE) Email Alerts not triggered

Cloud Identity Engine (CIE) Email Alerts not triggered

4703
Created On 03/07/24 09:50 AM - Last Modified 04/12/24 02:07 AM


Symptom


  • The Cloud Identity Engine (CIE) is configured for Email Alerts,
  • Criteria as per documentation is met, but email Alerts are not sent:
    • AL_CIE_AGENT_DISCONNECT (Documentation The CIE agent was disconnected for 1 minute).
    • AL_CIE_DIRECTORY_DISCONNECT (Documentation The CIE agent was disconnected for 1 minute).

Environment


  • Cloud Identity Engine (CIE)
  • Email Alerts setup.
  • LDAP User/Group mapping.

Cause


  • For CIE Email Alerts to work, the Prisma Access feature called "Directory Sync Integration" need to be enabled.
  • That is Step 6 in this Documentation.

Resolution


  1. Enable "Directory Sync Integration" for the CIE Email Alert feature to work.
  2. This can be enabled either under "Mobile Users - GlobalProtect", "Mobile Users - Explicit Proxy" or "Remote Networks".

Additional Information


Note that enabling "Directory Sync Integration" is an impactful change as:
Once you enable the Cloud Identity Engine integration, you cannot retrieve user and group mapping settings with any method other than the Cloud Identity Engine.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000XhtmCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language