I’m forever needing docs for Palo Alto considering that is now my weapon of choice in the fight against bad actors. The problem is that it can sometimes take me an age to find some of those useful docs that I use frequently if I lose them so I’m putting them here.

Change CLI Config Output

The first one is relevant when you are using the CLI for configuration. Of course being primarily a GUI configured device you might be thinking ‘why’ but there is nothing quite like a good CLI where speed is concerned. Bulk modifications are still something I will do regularly via CLI.

set cli config-output-format set

Manually Sync LDAP Group Mapping

You can refresh the user-group-mapping on PAN-OS by issuing the following the command:

debug user-id refresh group-mapping all

You can also reset user-group-mappings by issuing the following command:

debug user-id reset group-mapping all

Display UserID Agent AD Group Memberships

The show user group name CLI command displays the User-ID Agent group membership associations.

show user group name "cn=testgroup,cn=users,dc=paloaltonetwork,dc=com

Links

Links require login:

A useful link for the aforementioned CLI hierarchy to help you find an option which might not be so intuitive to find:

https://docs.paloaltonetworks.com/pan-os/9-0/cli-reference/pan-os-9-0-configure-cli-command-hierarchy.html

A link to the preferred release tracking page to help you plan your upgrades:

https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304/page/4/show-comments/true

URL filtering testing pages

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaDCAS

Palo Alto Useful Links and Commands
Tagged on:     

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.