To enable user- and group-based policy enforcement, the firewall requires a list of all available users and their corresponding group memberships so that you can select groups when defining your policy rules. The firewall collects Group Mapping information by connecting directly to your LDAP directory server, or using XML API integration with your directory server.
The User-ID agent queries the Domain Controller and Exchange server logs using Microsoft Remote Procedure Calls (MSRPCs), which require a complete transfer of the entire log at each query.
Download User-ID Agent Installer:
- Log in to the Palo Alto Networks Customer Support web site.
-
Select
Software Updatesfrom the Manage Devices section.
-
Scroll to the User Identification Agent section of the screen and
Downloadthe version of the User-ID agent you want to install.
-
Save the
UaInstall-x.x.x-xx.msifile on the system(s) where you plan to install the agent.
Installation of Palo Alto User-ID Agent:
Launch Palo Alto User-ID Agent:
Open the Windows Start menu and select User-ID Agent.
References:
- Install the User-ID Agent (Version 7.1)