Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] os password and nt authentication

To: "Mangelli, Leonardo" <[email protected]>
Subject: Re: [FW1] os password and nt authentication
From: CryptoTech <[email protected]>
Date: Mon, 06 Nov 2000 08:29:12 -0500
Cc: "'[email protected]'" <[email protected]>
References: <9F9495C25F01D111853D00805F0DF09FCDEB3B@cpqla-rio01.djo.cpqcorp.net>
Sender: [email protected]

My experience with Check Point and NT domain auth is that they recommend you run
RADIUS or LDAP or something on the NT domain architecture.  This gives you full
control over the users that can auth through the firewall, while not opening the
firewall up to potential performance degradation because of MS services.

"Mangelli, Leonardo" wrote:

> Hi,
>
>         i have a customer that would like to use NT authentication for the
> http services, but only for a restric group.
>         As i saw in the documentation he has to join the firewall machine in
> the domain and after that he can choose two options:
>                         1 - create a user called "generic*" to authenticate
> all user in a external database (Nt domain)
>                         2 - create account by account in the firewall for it
> check in the PDC
>
>         My questions are:
>                 1- If my customer has 1000 user accounts in the NT domain
> but only 400 user can access the http service.
>                     How can i restrict the access to permit only the 400 to
> pass through the firewall authenticating.
>                     The only way for me is create the 400 account one by one
> in the firewall, but it's crazy.
>
>                 2- Does the FW-1 support OS password authetication for
> multiple NT domains???
>
>         Leonardo S.L. Passeri Mangelli
>         Infrastructure Services - COMPAQ Brazil
>         Phone: 55-21-277-6180
>         e-mail:[email protected]
>              nosso site:http://www.compaq.com
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] os password and nt authentication
  - From: "Mangelli, Leonardo" <[email protected]>

Prev by Date: Re: [FW1] Installing security policy
Next by Date: [FW1] Re:
Previous by thread: [FW1] os password and nt authentication
Next by thread: RE: [FW1] os password and nt authentication
Index(es):
- Date
- Thread