This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Bob_Zimmerman
MVP Gold
MVP Gold
‎2024-06-09 03:44 PM
Jump to solution

SmartCenter can't show domain object with full details

I'm working on some code to interact with domains on multi-domain systems. Increasingly, it looks like a SmartCenter is actually a multi-domain system with weird names (or maybe on an MDS, the empty domain name and the name "MDS" are aliases for "System Data"?) constrained to only a single domain named "SMC User". I can show this domain with 'show domains' and with 'show object', but 'show object ... details-level full' and 'show domain' both fail:

[Expert@DallasSA]# mgmt_cli -f json -r true -d "System Data" show domains
{
  "objects" : [ {
    "uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
    "name" : "SMC User",
    "type" : "domain",
    "domain" : {
      "uid" : "a0eebc99-afed-4ef8-bb6d-fedfedfedfed",
      "name" : "System Data",
      "domain-type" : "mds"
    },
    "icon" : "Objects/domain",
    "color" : "black"
  } ],
  "from" : 1,
  "to" : 1,
  "total" : 1
}

[Expert@DallasSA]# smcUserUuid=$(!! | jq '.objects[]|.uid')
smcUserUuid=$(mgmt_cli -f json -r true -d "System Data" show domains | jq '.objects[]|.uid')

[Expert@DallasSA]# mgmt_cli -f json -r true -d "System Data" show object uid "${smcUserUuid}"
{
  "object" : {
    "uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
    "name" : "SMC User",
    "type" : "domain",
    "domain" : {
      "uid" : "a0eebc99-afed-4ef8-bb6d-fedfedfedfed",
      "name" : "System Data",
      "domain-type" : "mds"
    },
    "icon" : "Objects/domain",
    "color" : "black"
  }
}

[Expert@DallasSA]# !! details-level full
mgmt_cli -f json -r true -d "System Data" show object uid "${smcUserUuid}" details-level full
{
  "code" : "generic_err_object_not_found",
  "message" : "Requested object [41e821a0-3720-11e3-aa6e-0800200c9fde] not found"
}

[Expert@DallasSA]# mgmt_cli -f json -r true -d "System Data" show domain uid "${smcUserUuid}"
{
  "code" : "generic_err_object_not_found",
  "message" : "Requested object [41e821a0-3720-11e3-aa6e-0800200c9fde] not found"
}

This indicates to me some kind of internal inconsistency.

Incidentally, every SmartCenter seems to have the same UUID for the "SMC User" domain. I've checked R81.10 jumbo 150, R81.20 jumbo 65, and a few on lower jumbos. So far, I've found these UUIDs to be consistent:

8bf4ac51-2df7-40e1-9bce-bedbedbedbed - APPI Data         type: CPDataDomain or data domain
a0bbbc99-adef-4ef8-bb6d-defdefdefdef - Check Point Data  type: CPDataDomain or data domain
a0bbbc99-adef-4ef8-bb6d-cebcebcebceb - IPS Data          type: CPDataDomain or data domain
41e821a0-3720-11e3-aa6e-0800200c9fde - SMC User          type: domain
a0eebc99-afed-4ef8-bb6d-fedfedfedfed - System Data       type: SystemDomain or mds

All except SMC User are present on both SmartCenters and MDSs. The type of most of the included domains depends on how you look at them. The first three show up in 'show object' as CPDataDomain, and in the domain field of other objects as "data domain". For "System Data", in 'show object', it's SystemDomain, and in the domain field of other objects, it's "mds". It looks like 'show object ... details-level full' works on all of the domains except "SMC User". 'show domain' doesn't work on any of them, even though they can appear in the 'domain' field of other objects.

0 Kudos
1 Solution

Accepted Solutions
Omer_Kleinstern
Employee
Employee
‎2024-06-16 05:49 AM
In response to PhoneBoy
Jump to solution

This is expected behavior.

The command "show-domain" is intended for user created domains.

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2024-06-10 08:24 AM
Jump to solution

Is this expected behavior @Omer_Kleinstern ?

0 Kudos
Omer_Kleinstern
Employee
Employee
‎2024-06-16 05:49 AM
In response to PhoneBoy
Jump to solution

This is expected behavior.

The command "show-domain" is intended for user created domains.

Bob_Zimmerman
MVP Gold
MVP Gold
‎2024-06-16 08:59 AM
In response to Omer_Kleinstern
Jump to solution

It seems like if 'show domains' returns an object, 'show domain' should accept that object. Also seems like this shouldn't happen:

[Expert@DallasSA]# mgmt_cli -f json -r true -d "System Data" show domains    
{
  "objects" : [ {
    "uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
    "name" : "SMC User",
    "type" : "domain",
    "domain" : {
      "uid" : "a0eebc99-afed-4ef8-bb6d-fedfedfedfed",
      "name" : "System Data",
      "domain-type" : "mds"
    },
    "icon" : "Objects/domain",
    "color" : "black"
  } ],
  "from" : 1,
  "to" : 1,
  "total" : 1
}

[Expert@DallasSA]# !! details-level full
mgmt_cli -f json -r true -d "System Data" show domains details-level full
{
  "code" : "generic_error",
  "message" : "Null Pointer exception: null"
}

Similarly, it seems like if 'show object uid ...' shows an object, 'show object uid ... details-level full' should show at least the same amount of information about it instead of claiming it can't find the object which it just showed to me.

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-06-16 10:14 AM
In response to Bob_Zimmerman
Jump to solution

I tested on 2 lab mgmt servers in the lab, one R81.10 and R81.20 jumbo 65, exact same result.

Andy

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events