topic Re: PEP not showing user groups in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/PEP-not-showing-user-groups/m-p/219306#M41913 <P>I don't see any groups in the PDP output either, only "All Users" and no roles.<BR />And the machine identity appears to be propagated to the PEP gateway (alfa01).<BR />I assume this is operating as expected.</P> Mon, 01 Jul 2024 18:28:29 GMT PhoneBoy 2024-07-01T18:28:29Z PEP not showing user groups https://community.checkpoint.com/t5/Firewall-and-Security-Management/PEP-not-showing-user-groups/m-p/219209#M41912 <P>Hello,</P><P>&nbsp;</P><P>i have working PDP -&gt; PEP identities sharing.&nbsp;</P><P>On PDP gateway i can see user with all required info including groups:</P><P>&nbsp;</P><LI-CODE lang="markup">************************************************************************************ Session: dcacec19 Session UUID: {74CBE119-8E85-7D09-71EC-90BA29F3FA00} Ip: 10.1.12.20 Machine: alfa01@ipftest.local {1e7c2749} Groups: All Machines Roles: - Client Type: Identity Collector (Active Directory) Authentication Method: Trust Distinguished Name: CN=ALFA01,OU=Domain Controllers,DC=IPFtest,DC=local Connect Time: Sun Jun 30 01:23:12 2024 Next Reauthentication: Sun Jun 30 13:23:42 2024 Next Connectivity Check: - Next Ldap Fetch: Sun Jun 30 08:49:40 2024 Users: checkpoint_user@ipftest.local {b58917bd} LogUsername: checkpoint user (checkpoint_user) Groups: All Users Roles: - Client Type: Identity Collector (Active Directory) Authentication Method: Trust Distinguished Name: CN=checkpoint user,OU=IPF_Users,OU=IPF,DC=IPFtest,DC=local Connect Time: Sun Jun 30 01:23:12 2024 Next Reauthentication: Sun Jun 30 13:23:42 2024 Next Connectivity Check: - Next Ldap Fetch: Sun Jun 30 08:04:36 2024 Packet Tagging Status: Not Active Published Gateways: 10.1.12.20,Local ************************************************************************************</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>but on pep gateway i cannot see user groups:</P><LI-CODE lang="markup">[Expert@cp-2:0]# pep show user query usr checkpoint_user Command: root-&gt;show-&gt;user-&gt;query PDP: &lt;10.1.12.10, 00000000&gt;; UID: &lt;dcacec19&gt; ================================================== Client ID : &lt;10.1.12.20, 00000000&gt; Authentication Key : &lt;Unavailable&gt; Brute force counter: 0 Username : checkpoint_user Log Username : checkpoint user (checkpoint_user) Machine name : alfa01 User groups : &lt;Unavailable&gt; Machine groups : &lt;Unavailable&gt; Compliance : &lt;Unavailable&gt; Identity Role : &lt;&gt; Time to live : 43230 Cached time : 86400 TTL counter : 43170 Time left : 27777 Client type : Identity Collector Last update time : Sun Jun 30 10:23:12 2024</LI-CODE><P>&nbsp;</P><P>Am i missing some configuration to see them? Thanks!</P><P>&nbsp;</P> Sun, 30 Jun 2024 12:50:46 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/PEP-not-showing-user-groups/m-p/219209#M41912 tomasFuk 2024-06-30T12:50:46Z Re: PEP not showing user groups https://community.checkpoint.com/t5/Firewall-and-Security-Management/PEP-not-showing-user-groups/m-p/219306#M41913 <P>I don't see any groups in the PDP output either, only "All Users" and no roles.<BR />And the machine identity appears to be propagated to the PEP gateway (alfa01).<BR />I assume this is operating as expected.</P> Mon, 01 Jul 2024 18:28:29 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/PEP-not-showing-user-groups/m-p/219306#M41913 PhoneBoy 2024-07-01T18:28:29Z