I did several successful integrations with Novell's eDirectory (NDS) LDAP
v3 server. What you need to do is take the .LDIF file from your FW1 CD and
use that to extend the schema of your LDAP server. In that way you can
specify everything in your LDAP tree with your preferred LDAP management
tool.
Another way is that you choose the default settings for authentication in
the LDAP Server properties of your fw1 and then you don't have to extend your
schema: your fw1 will use its default settings and just search for
objectname=user.
"Over-reliance on experience leads to making the same mistakes with
increasing levels of confidence."
>>> "Jonathan Zuilkowski" <[email protected]> 27/04/01 16:14 >>>
Hi.
I'm trying to figure out how checkpoint ties in to ldap.
What I need to know specifically is what attribute combination I need for a
user to be able to use secureremote/secureclient with IKE only and password
(no digital certificate).
This shouldn't be rocket science, but I'm continually referred to the AMC.
I have a different department that manages these accounts and I don't want
them to have that much access to my LDAP tree because I also use it for
other things.
That's why I've built a web based management app that restricts what they
can get to.
When I tried what I thought would make it work, I got the message in
secureremote that said there was no preshared secret.
What hash method does the preshared secret use? crypt?
If anyone has successfully implemented checkpoint with LDAP without the
annoying Account Management Client, please tell me how.