CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 10 of 10

Thread: Authentication AD for SmartDashboard

  1. #1
    Join Date
    2005-12-28
    Location
    Belgium
    Posts
    26
    Rep Power
    0

    Default Authentication AD for SmartDashboard

    Hello All,

    Its possible to authenticate administrators via Active Directory to login on smartdashboard without using RADIUS? I set up an LDAP account unit but where can I create the ADMIN Group?
    VPN with AD User is working and Rules authentication too.

    Thank you for your help

    Marc

  2. #2
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,030
    Rep Power
    15

    Default Re: Authentication AD for SmartDashboard

    RADIUS is supported for administrators, so why not...
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

  3. #3
    Join Date
    2007-03-06
    Location
    UK
    Posts
    128
    Rep Power
    13

    Default Re: Authentication AD for SmartDashboard

    I've considered this myself but then thought what if in a major incident your AD is uncontactable? I've always stuck to local passwords to mitigate risk.
    Remember to add to someones reputation if they have helped you, by clicking on the "sheriff badge" below the users post

  4. #4
    Join Date
    2007-06-04
    Posts
    3,304
    Rep Power
    17

    Default Re: Authentication AD for SmartDashboard

    Not to mention that AD authentication requires a User Directory License, RADIUS requires no License for SMARTDashboard Authentication.

    Of course you can just setup an IAS server as a RADIUS and as that links into the AD then effectively your AD password is your Administrator Password anyway.

  5. #5
    Join Date
    2012-07-19
    Posts
    11
    Rep Power
    0

    Default Re: Authentication AD for SmartDashboard

    Hello everybody,

    I'm brigning back this thread because I have some requirements so have SmartConsole administrator authenticated via AD. I have looked at check point documentation and I even asked support but didn't get any clear indication that is was feasable.

    I have the account Unit configured and I can brose the AD tree in smartbashboard. However, I can't find any way to have a administrator account or groups linked to the AD. when I create an administrator and chose check point as the authentication scheme, the GUI forces me to put a password.

    So, is there someone here who have done this have some kind of how to? Is there any statement by check point that this is not supported?

    Thank you in advance.

    PS: This is not related to Identity awareness or VPN login.

    Martin Berube

  6. #6
    Join Date
    2009-10-27
    Posts
    39
    Rep Power
    0

    Default Re: Authentication AD for SmartDashboard

    Quote Originally Posted by daz306td View Post
    I've considered this myself but then thought what if in a major incident your AD is uncontactable? I've always stuck to local passwords to mitigate risk.
    if Ad is unavailable, it will check locally

  7. #7
    Join Date
    2009-10-27
    Posts
    39
    Rep Power
    0

    Default Re: Authentication AD for SmartDashboard

    Can anyone answer beruqc's last post?
    I can only find radius and tacacs+ for admin login to smart dashboard. CAN CHECKPOINT use AD Integration?

  8. #8
    Join Date
    2007-06-04
    Posts
    3,304
    Rep Power
    17

    Default Re: Authentication AD for SmartDashboard

    Quote Originally Posted by evanc View Post
    Can anyone answer beruqc's last post?
    I can only find radius and tacacs+ for admin login to smart dashboard. CAN CHECKPOINT use AD Integration?
    Yes, via a RADIUS Server that links into the AD.

  9. #9
    Join Date
    2009-10-27
    Posts
    39
    Rep Power
    0

    Default Re: Authentication AD for SmartDashboard

    Quote Originally Posted by mcnallym View Post
    Yes, via a RADIUS Server that links into the AD.
    THanks for the reply, I just figured that out about an hour ago. Pity its not in the documentation, I see a few people asking about it.

    If the Ad server is running an IAS or NPC service you should be able to get away with using the one server.

    Not sure if i'll get it implemented the side of this year but if I do i'll update with the steps I take.

  10. #10
    Join Date
    2012-07-10
    Location
    Zurich, Switzerland
    Posts
    257
    Rep Power
    8

    Default Re: Authentication AD for SmartDashboard

    sk40697 might help as well

Similar Threads

  1. Checkpoint VPN Authentication with AD
    By magikman in forum Authentication
    Replies: 2
    Last Post: 2009-06-18, 09:49
  2. SmartDashboard does not syncronize with AD?
    By AllanKjśr in forum SmartDirectory/LDAP/Active Directory
    Replies: 0
    Last Post: 2009-02-11, 10:45
  3. AD for SmartDashboard logins?
    By karimi in forum SmartDirectory/LDAP/Active Directory
    Replies: 12
    Last Post: 2008-05-29, 11:37
  4. Client Authentication via AD
    By goldberg in forum SmartDirectory/LDAP/Active Directory
    Replies: 11
    Last Post: 2007-01-19, 16:01
  5. AD Authentication between two domains and Gateways
    By AndyB in forum SmartDirectory/LDAP/Active Directory
    Replies: 0
    Last Post: 2006-11-22, 07:36

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •