You receive reports from multiple users that they cannot browse. Upon further discovery you identify that Identity Awareness cannot identify the users properly and apply the configured Access Roles. What commands you can use to troubleshoot all identity collectors and identity providers from the command line?
To troubleshoot identity collectors and identity providers on a Check Point gateway, the appropriate command is executed on the gateway and should cover both IDC (Identity Collector) and IDP (Identity Provider) components. The correct command format is 'pdp debug set IDC all IDP all'. This command enables debugging for all topics related to both identity collectors and providers, which is essential for identifying and resolving the issues with Identity Awareness correctly and efficiently.
Configure the topic and severity filters to determine what is written to the log file. Severity filters include all, critical, events, important, and surprise. Check Point Support provides more specific topics, based on reported issues. The best practice is to set all topics and severities: pdp debug set all all Note : You can set multiple topics in the same command: pdp debug set IDC all IDP all
C: Best Practice - We recommend to enable all Topics and all Severities. Run: pdp debug set all all https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/CLI/pdp-debug.htm
C seem good, however the C choice begin with "on the management:...." A pdp debug is executed on a GW, not a management. Answer A and B are not good Definitively answer is D
Exactly, I agree