由于“您尚未激活 Cloud Identity Engine”，无法从“设备”>“用户标识”>“Cloud Identity Engine”中选择区域

• 云识别引擎已正确配置并激活
• 尝试从 GUI 选择区域时：用户标识 > 云身份引擎，显示消息“您尚未激活云身份引擎。单击此处了解如何激活云身份引擎。 ”。
• 下拉菜单中无法列出 Cloud Identity Engine 实例
• 在 Panorama 中的 dscd.log（ less mp-log dscd.log ）中，我们可以看到以下错误；

{"level":"info","time":"2022-11-14T09:47:32.6547441+09:00","message":"[CFG-DATA] DSS URL app-registry.appsvc.paloaltonetworks.com--https://app-registry.appsvc.paloaltonetworks.com/apps/directory_sync?fields=regions"}
{"level":"error","time":"2022-11-14T09:47:32.7260165+09:00","message":"Failed to execute request to DSS &{GET https://app-registry.appsvc.paloaltonetworks.com/apps/directory_sync?fields=regions HTTP/1.1 1 1 map[Content-Type:[application/json]] <nil> <nil> 0 [] false app-registry.appsvc.paloaltonetworks.com map[] map[] <nil> map[]   <nil> <nil> <nil> <nil>}"}
{"level":"info","time":"2022-11-14T09:47:32.7260498+09:00","message":"[CFG-DATA]Fetching of Region, tenant and Domain is done: false"} <<<<<<<<<<< !!!

 {"level":"debug","time":"2023-01-30T15:57:57.11049343+09:00","message":"[CFG-DATA] TenantDomain: Get tenant Domains url: https://app-directory-sync.jp.apps.paloaltonetworks.com/service/directory/v1/tenantdomains"}
> {"level":"error","time":"2023-01-30T15:57:57.117140087+09:00","message":"Failed to retrieve tenantDomain for region jp"}

• 云身份引擎
• 全景

1. 验证以下所有 URL 均未被 Panorama 和 CIE 基础设施之间的路径上的任何设备阻止。

*.apps.paloaltonetworks.com
enforcer.iot.services-edge.paloaltonetworks.com
app-registry.appsvc.paloaltonetworks.com

2. 一旦解决了通信问题，区域选择就可以正常工作。