GlobalProtect ADEM User not found in Strata Cloud Manger
Symptom
• Telemetry not showing in Strata Cloud Manager
• ADEM client license state unknown
• No user tied to machine name in Strata Cloud Manager ADEM Export
---
In a non-working case it is seen in the GPS.logs that 'DEM Agent: Udate DEM user-id setting' is not being completed after user login.
Example of the user-id only being set when computer is turned on and turned off at night:
Line 1274: (P5888-T13456)Debug(16047): 09/10/24 16:32:20:427 DEM Agent: Update DEM user-id setting: 9, 0, 9, 9, 26
Line 2946: (P3636-T7476)Debug(15975): 09/11/24 07:46:28:591 DEM Agent: Read DEM user-id setting: 9, 0, 9, 9, 25
Line 10134: (P3636-T24596)Debug(16047): 09/11/24 16:36:10:411 DEM Agent: Update DEM user-id setting: 9, 0, 9, 9, 26
Line 10814: (P6532-T7540)Debug(15975): 09/12/24 07:48:58:241 DEM Agent: Read DEM user-id setting: 9, 0, 9, 9, 25
Line 17965: (P6532-T10956)Debug(16047): 09/12/24 16:31:26:463 DEM Agent: Update DEM user-id setting: 9, 0, 9, 9, 26
The 5 settings reflect:
First setting is for username
Second 0 is for domain
Third 9 is for tenant-id
Fourth 9 is for sub-tenant-id
Fifth 26 is for the cc-id/device ID
Example of working client when the user-id is being updated at login, it is seen that the username field is being changed:
...
Line 1605: (P5884-T19036)Debug(6539): 10/21/24 13:39:16:581 ----Network Discover starts----
Line 1615: (P5884-T10148)Debug(18384): 10/21/24 13:39:16:581 DEM Agent: Update DEM user-id setting: 27, 0, 9, 9, 26
Line 1632: (P5884-T19036)Debug(8086): 10/21/24 13:39:16:659 --Set state to Discovering network...
...
Line 19736: (P5884-T19500)Debug(8086): 10/21/24 13:49:16:899 --Set state to Disconnected
Line 19759: (P5884-T19500)Debug(18384): 10/21/24 13:49:16:899 DEM Agent: Update DEM user-id setting: 9, 0, 9, 9, 26
Line 19761: (P5884-T11820)Debug(8086): 10/21/24 13:49:16:899 --Set state to Discovering network...
...
Line 21353: (P5884-T7068)Debug(8086): 10/21/24 13:49:37:101 --Set state to Disconnected
Line 21426: (P5820-T6732)Debug(18307): 10/21/24 13:50:44:104 DEM Agent: Read DEM user-id setting: 9, 0, 9, 9, 25
Line 21452: (P5820-T10104)Debug(3064): 10/21/24 13:50:44:126 ----Portal Processing starts----
...
Line 25425: (P5820-T19200)Debug(6539): 10/21/24 13:53:13:879 ----Network Discover starts----
Line 25435: (P5820-T10100)Debug(18384): 10/21/24 13:53:13:894 DEM Agent: Update DEM user-id setting: 27, 0, 9, 9, 26
Line 25466: (P5820-T19200)Debug(8086): 10/21/24 13:53:14:104 --Set state to Discovering network...
...
Line 47679: (P16276-T17008)Debug(5926): 10/21/24 16:49:06:150 ----Network Discover starts----
Line 47691: (P16276-T11248)Debug(16047): 10/21/24 16:49:06:150 DEM Agent: Update DEM user-id setting: 27, 0, 9, 9, 26
Line 47764: (P16276-T17008)Debug(7348): 10/21/24 16:49:23:163 --Set state to Discovering network...
...Environment
• GlobalProtect
• ADEM
• Windows Client
• Pre-logon
Cause
When user connects the user-id registry key is not updated with user information and so data is not sent to the back-end as expected.
Resolution
1. Upgrade to version called out on GPC-21090
Additional Information
Change the 'Pre-Logon Tunnel Rename Timeout' to 1 or greater.
1. Login to Portal and navigate and open Portal
1.a Network>GlobalProtect>Portals>{GlobalProtect Port Configuration containing Pre-logon config}
2. Navigate to 'Agent' tab and open 'pre-logon' Config
3. Navigate to 'App' tab and in the 'App Configurations' window find the 'Pre-Logon Tunnel Rename Timeout (sec) (Windows Only)' setting and change it to '1' or higher.