https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145968#M23111 <P>I believe admin account is needed, though I helped customer once using sk93938 and that worked as well, so not a must I guess. You can also use access roles in the rules to capture a user.</P> <P>Andy</P> Mon, 11 Apr 2022 13:46:47 GMT the_rock 2022-04-11T13:46:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145966#M23110 <P>Hi All</P><P>I want to enable identity awarness, not for rules but just so I can see the user in the logs.</P><P>Firstly, I am having issues querying the AD domain, it comes up with a red error saying the user is not a domain administrator, does the user account really need to be a domain admin?</P><P>Secondly, once its done, do I need to amend anything in my rulebase for it to capture the user?</P><P>Many thanks</P> Mon, 11 Apr 2022 13:17:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145966#M23110 carl_t 2022-04-11T13:17:30Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145968#M23111 <P>I believe admin account is needed, though I helped customer once using sk93938 and that worked as well, so not a must I guess. You can also use access roles in the rules to capture a user.</P> <P>Andy</P> Mon, 11 Apr 2022 13:46:47 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145968#M23111 the_rock 2022-04-11T13:46:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145976#M23113 <P>Identity collector might be an alternative to explore here, see&nbsp;<SPAN>sk108235.</SPAN></P> Mon, 11 Apr 2022 14:25:39 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-awareness-setup/m-p/145976#M23113 Chris_Atkinson 2022-04-11T14:25:39Z