ADEM and GlobalProtect Information for Single User Presented Under Two Different Usernames
1243
Created On 09/11/24 21:49 PM - Last Modified 10/21/25 21:07 PM
Symptom
- SCM displays two usernames for a single user under Insight>Activity Insight>Users
One username shows activity & connectivity data, the other shows experience data. - Both the usernames belong to the same user.
- While ADEM shows the UPN username, Insights (activity and connectivity page) shows SamAccountName format.
Environment
**Product_versions**
• Prisma Access
• ADEM
• Strata Cloud Manager
Cause
- The problem we have is that adem gathers the username from GP as username-upn@company.com and then strips off the domain name to get username-upn.
- Insights on the other hand respects the Primary Username format (SamAccountName) which is upnusername.
- With these two different formats, we will see both usernames in SCM.
- However, we have certain enhancements enabled to not double count the duplicate usernames against the license.
Resolution
- One solution could be on the customer end to use the UPN (username@company.com) format.
- Although that would likely be a significant change on their AD infrastructure and may not be acceptable option..
- No other work-around, issue is being reviewed by engineering for an enhancement on the ADEM side.
Additional Information
N/A