This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
enrico_azzolin
Participant
10 hours ago

"pep show user query usr" - Time Left

Hello, 


below the output of the command "pep show user query usr".  I see that in many cases the "time left" is automatically renewed before expiring. But in some case the pep entry is not renewed even if the user is actually working and the pdp gateway has a valid entry for the same user.  

What is the mechanism driving the refresh of the user pep "time left" ?

Thanks

 

--------------------

 

[Expert@xxxxxxxxxxxxx:0]# pep show user query usr xxxx
Command: root->show->user->query


PDP: <xxxxxxxxxxxxxx, 00000000>; UID: <c2411256>
==================================================
Client ID : <xxxxxxxxxxxxxx, 00000000>
Authentication Key : <Unavailable>
Brute force counter: 0
Username : xxxx
Log Username : xxxxxxxxxxxxxxxxxxxxxx

Machine name :
User groups : <Unavailable>
Machine groups : <Unavailable>
Compliance : <Unavailable>
Identity Role : xxxxxxxxxxxxxxxxxxxxx
Time to live : 43230
Cached time : 86400
TTL counter : 43170
Time left : 39782
Client type : Identity Collector
Last update time : Mon Oct 7 09:09:11 2024

 

Preview file
20 KB
0 Kudos
2 Replies
PhoneBoy
Admin
Admin
6 hours ago

I assume we are looking only at login events.
Note that authenticating to your screensaver after timeout should generate the necessary login eventz

0 Kudos
enrico_azzolin
Participant
5 hours ago
In response to PhoneBoy

The point is that some users that have an entry still vaild on the PDP gateway, for some reason lose their entry on the PEP gateway for timeout. I'm trying to understand why this happens and why the entry on the PEP gateway is not automatically refreshed.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events