'Enable Server Session Read' meaning for User ID Agent

'Enable Server Session Read' meaning for User ID Agent

37299
Created On 09/25/18 19:26 PM - Last Modified 11/06/20 22:20 PM


Symptom


What does "Enable Server Session Read" in the User-ID Agent mean?

Environment


  • Any PAN-OS.
  • Palo Alto Firewall
  • Windows User-ID Agent.
  • PAN-OS integrated User-ID Agent

Resolution


"Enable Server Session Read" is an additional server-based method to resolve users to IP addresses using the current user sessions in the Domain Controller. 
Users connected to resources on the Domain controller, such as shared folders and printers, have their IP addresses and user names stored in the server session table.
PAN agent is able to read this table and use it to make user to IP mappings.
The Agent will require Server Operator privileges to read the session table. In an environment where user drives are hosted on the Domain Controller, this can be a very efficient way to match users to their IP addresses.

 

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kcsArticleDetail?id=kA10g000000ClYp&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkcsArticleDetail

Choose Language