Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Active Directory Authentication

To: [email protected]
Subject: Re: [FW-1] Active Directory Authentication
From: David Crowfoot <[email protected]>
Date: Wed, 8 Oct 2003 16:21:04 -0700
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I had this setup and working before.  I did not extend the schema or use
radius services.  Let me look up my notes, and recreate the setup.  I
was using it for secureclient.

Dave Crowfoot
www.works4me.com>>> [email protected] Wednesday, October 08, 2003 1:24:28 PM >>>
Hi,

I'd like to connect a Checkpoint NG-AI to a Microsoft
Active Directory such that it uses the AD user database
without further user management:

I'm querying the AD as a LDAP user group which
works well to find the user. But how can the
Checkpoint verify the password given by the user?


One solution would be to extend the LDAP Schema and
to store the FW-1 passwords on the LDAP server, but that's
not desired. There should be no further passwords, just the
passwords the users use to login at the Windows machines.


Another solution would be to configure the Checkpoint to
query a RADIUS/TACACS server. ADS doesn't play RADIUS, does it?

So what's the simplest way to allow users to authenticate against
the Checkpoint (user auth/secure client) with the same password they
use at their windows machines?

regards
Hadmut

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] SecureRemote / Network Addressing / Userc.C
Next by Date: Re: [FW-1] SecureRemote / Network Addressing / Userc.C
Previous by thread: Re: [FW-1] Nokia HA PAir Upgrade
Next by thread: Re: [FW-1] Active Directory Authentication
Index(es):
- Date
- Thread