P. 1
CP R75 Identity Awareness Admin Guide

CP R75 Identity Awareness Admin Guide

|Views: 1,144|Likes:
Published by ecorona33

More info:

Published by: ecorona33 on Jan 11, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





1. Log in to SmartDashboard.
2. From the Network Objects tree, right-click Check Point and select the gateway with the Log Server.
3. From the Gateway Properties tree, select Identity Awareness. On the Identity Awareness page, select
Add Identity to logs received from non-identity aware gateways.
The Identity Awareness Configuration wizard opens.

4. Click Next.

The Integration With Active Directory window opens.
When SmartDashboard is part of the domain, SmartDashboard suggests this domain automatically. If
you select this domain, the system creates an LDAP Account Unit with all of the domain controllers in
the organization's Active Directory.

Note - We highly recommend that you go to the LDAP Account Unit
and make sure that only necessary domain controllers are in the list. If
AD Query is not required to operate with some of the domain
controllers, delete them from the LDAP Servers list.

If you create a new domain, the LDAP account unit that the system creates contains only the domain
controller you set manually. If it is necessary for AD Query to fetch data from other domain controllers,
you must add them at a later time manually to the LDAP Servers list.
To view/edit the LDAP Account Unit object, go to the Firewall tab > Servers and OPSEC Applications
tab in the objects tree > LDAP Account Unit.
The LDAP Account Unit name syntax is: _ _ AD
For example, CORP.ACME.COM_ _ AD.

5. From the Select an Active Directory list, select the Active Directory to configure from the list that
shows configured LDAP account units or create a new domain. If you have not set up Active Directory,
you need to enter a domain name, username, password and domain controller credentials.
6. Enter the Active Directory credentials and click Connect to verify the credentials.
Important - For AD Query you must enter domain administrator credentials.

7. Click Finish.

Page 41

Chapter 3

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->