How to Ignore Users in User-ID

How to Ignore Users in User-ID

78806
Created On 09/25/18 20:40 PM - Last Modified 11/06/20 22:26 PM


Symptom
When using the User-ID Agent to identify users on the network, there is a way to ignore certain users. Generally, this is used for service accounts, but any desired username can be entered.

 Environment
  • PAN-OS 7.1 and above.
  • Windows User-ID Agent.
  • Integrated User-ID Agent.


 Resolution

 

  1. Stop the User-ID service
  2. Modify/create a file ignore_user_list.txt in the directory where User-ID Agent is installed.
    • This file will contain all the users to be ignored.
    • The format of the file needs to be one username on each line.
      Note: It is sometimes required to have two entries for each username, the normal username and the username with netbios name.
      • user1
      • mydomain\user1
  3. Start the User-ID service.

 

Starting from PAN-OS 7.1 the ignore user list can also be configured for the Agentless User-ID through the WebUI

2016-09-30_16-12-38.png

 


 

 



 Additional Information

How to Add/Delete Users from Ignore User List using Agentless User-ID



 Attachments
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kcsArticleDetail?id=kA10g000000Clkl&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkcsArticleDetail

Attachments
Choose Language