Hi,
I talked to PAN support and from what I heard is that this change was intentional and they are not going to revert it back to what it was. Basically before 7.1.5 if you do not add the timeout value in the user-id message it defaults to never, now it uses the timeout value configured in the userid settings on the firewall.
What will work (so DEV use this) is the following XML message, by setting timeout to 0, the result is the same as it was and Clearpass can send login and logout messages based on accounting data.
<uid-message>
<version>1.0</version>
<type>update</type>
<payload>
<login>
<entry name="domain\uid2" ip="10.1.1.2" timeout=”0”>
</entry>
</login>
</payload>
</uid-message>
Bart.