This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
tomasFuk
Explorer
‎2024-06-30 05:50 AM
Jump to solution

PEP not showing user groups

Hello,

 

i have working PDP -> PEP identities sharing. 

On PDP gateway i can see user with all required info including groups:

 

************************************************************************************
Session:  dcacec19
Session UUID:  {74CBE119-8E85-7D09-71EC-90BA29F3FA00}
Ip:  10.1.12.20
Machine:
 alfa01@ipftest.local {1e7c2749}
   Groups: All Machines
   Roles: -
   Client Type: Identity Collector (Active Directory)
   Authentication Method: Trust
   Distinguished Name: CN=ALFA01,OU=Domain Controllers,DC=IPFtest,DC=local
   Connect Time: Sun Jun 30 01:23:12 2024
   Next Reauthentication: Sun Jun 30 13:23:42 2024
   Next Connectivity Check: -
   Next Ldap Fetch: Sun Jun 30 08:49:40 2024

Users:
 checkpoint_user@ipftest.local {b58917bd}
   LogUsername: checkpoint user (checkpoint_user)
   Groups: All Users
   Roles: -
   Client Type: Identity Collector (Active Directory)
   Authentication Method: Trust
   Distinguished Name: CN=checkpoint user,OU=IPF_Users,OU=IPF,DC=IPFtest,DC=local
   Connect Time: Sun Jun 30 01:23:12 2024
   Next Reauthentication: Sun Jun 30 13:23:42 2024
   Next Connectivity Check: -
   Next Ldap Fetch: Sun Jun 30 08:04:36 2024

Packet Tagging Status:  Not Active
Published Gateways:  10.1.12.20,Local
************************************************************************************

 

 

but on pep gateway i cannot see user groups:

[Expert@cp-2:0]# pep show user query usr checkpoint_user
Command: root->show->user->query


PDP: <10.1.12.10, 00000000>; UID: <dcacec19>
==================================================
  Client ID          : <10.1.12.20, 00000000>
  Authentication Key : <Unavailable>
  Brute force counter: 0
  Username           : checkpoint_user
  Log Username       : checkpoint user (checkpoint_user)

  Machine name       : alfa01
  User groups        : <Unavailable>
  Machine groups     : <Unavailable>
  Compliance         : <Unavailable>
  Identity Role      : <>
  Time to live       : 43230
  Cached time        : 86400
  TTL counter        : 43170
  Time left          : 27777
  Client type        : Identity Collector
  Last update time   : Sun Jun 30 10:23:12 2024

 

Am i missing some configuration to see them? Thanks!

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-07-01 11:28 AM
Jump to solution

I don't see any groups in the PDP output either, only "All Users" and no roles.
And the machine identity appears to be propagated to the PEP gateway (alfa01).
I assume this is operating as expected.

View solution in original post

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2024-07-01 11:28 AM
Jump to solution

I don't see any groups in the PDP output either, only "All Users" and no roles.
And the machine identity appears to be propagated to the PEP gateway (alfa01).
I assume this is operating as expected.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events