Differences

This shows you the differences between two versions of the page.

--- paloaltonetworks:configuration:user_id [2020/08/31 06:30] – external edit 127.0.0.1
+++ paloaltonetworks:configuration:user_id [2022/11/23 12:49] (current) – external edit 127.0.0.1
@@ Line 3: / Line 3: @@
 =====User-ID Requirements=====
 [[https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/create-a-dedicated-service-account-for-the-user-id-agent.html|Palo Doc Here]].
+=====Win-RM=====
+[[https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/user-id/map-ip-addresses-to-users/configure-server-monitoring-using-winrm|Setup]]
+Run this command on each DC. Then add the account.
+<code>winrm configSDDL default</code>
+The service account needs to belong to the 'Remote Management Users' group in AD to allow WinRM connections from the firewall to query WMI.  This is because the service account is not an administrator on the domain, and by default PowerShell Remoting requires admin privileges.
 =====User-ID Account Permissions=====
 The service account requires the following domain permissions per forest.
@@ Line 19: / Line 27: @@
 [[https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/create-a-dedicated-service-account-for-the-user-id-agent.html# Palo Alto Networks' documentation is not complete]].
-  -  On the Windows Server start menu, search for ''wmimgmt.msc'', and launch the WMI Management Console. (Alternatively, launch mmc and add the WMI Managment Snap In).
+  -  On the Windows Server start menu, search for ''wmimgmt.msc'', and launch the WMI Management Console. (Alternatively, launch mmc and add the WMI Management Snap In).
   - In the console tree, right-click ''WMI Control'' and select ''Properties''.
   - Select ''Security'' tab.