Scenario: A Citrix Administrator gives permissions to team members to access their own admin partition. This will allow them to add resources for different departments and manage them without making changes to the default Citrix ADC partition and configuration.
One team member trying to use the command line interface (CLI) to troubleshoot an authentication issue could NOT use aaad.debug. However, the team member has full permissions on the admin partition.
What can be the cause of this issue?
The team member does not have shell access by design. In Citrix ADC, administrator partitions are typically restricted in terms of shell access to avoid security risks. Although the team member has full permissions on the admin partition, they still lack shell access, which is required to execute certain commands such as aaad.debug. Hence, the inability to use the command is due to the lack of shell access.
D. "Partition users do not have shell access." https://docs.citrix.com/en-us/citrix-adc/current-release/admin-partition.html
AAAD is a shell command, most likely has CLI but not shell, that's an additional permission Answer is D
Partition users do not have shell access!