Custom admin role support on dedicated log collector

Custom admin role support on dedicated log collector

906
Created On 07/21/23 05:36 AM - Last Modified 01/25/25 04:04 AM


Question


Can we configure Custom admin role for dedicated log collector using external authentication such as Radius or Tacacs+?

 

Environment


  • Panorama
  • PANOS-10.x, 11.x
  • Dedicated Log Collector

Answer


  1. Dedicated Log collector only supports superuser role for local or and external authenticated admin.
  2. Local or Panorama Administrators with any other admin role type is not supported.

Additional Information


The External authentication feature introduced for log collectors in 10.0 only adds support from external authentication servers only for superuser role. Panorama Administrator's Guide have been updated with a Note explaining the same.

Also, there is a feature request filed for the read-only login support, FR id 10472. 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000bqVuCAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail