https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26223#M89200 <HTML><HEAD></HEAD><BODY><P>Hi Alessandro</P><P></P><P>Just to come back, there is no role working on the Environment who show us the Computer name and the User Name, only Computer name will be displayed.</P><P>But if we, create a new Policy and searching for the can Browse the Active Directory and see all Object.</P><P>What I think is that he place first the Network Object on the Policy and the next Policy is using the Role.</P><P>So if the Policy with the Network Object is match, why should he check the Policy with the Role.</P><P></P><P>Sorry have to come back tomorrow.</P><P></P><P>No access at the moment.</P></BODY></HTML> Tue, 22 Jan 2019 12:52:33 GMT Alexander_Baue1 2019-01-22T12:52:33Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26217#M89194 <HTML><HEAD></HEAD><BODY><P>Hello together</P><P>&nbsp;I have the following Situation Chechpoint 8.10 in a Cluster Configuration, all Traffic is working fine.<BR />The was LDAP configured in the Past to conennct to 5 different Windows Domain Controller All Domain Controller are in sysnc and on the Entered in the Firewall.</P><P>We check all the Connection include (Fetch) and we get no Issue. So what is the Problem ?<BR />On the Log we can see normaly IP Address and the current User based on LDAP and Windows on a Role.<BR />But for some Users the is no Entry just Empty, only the IP Address is visible.</P><P>Permission is not read no Access to the Destination.<BR />For other Users in the same Windows Group it works, the come from a other Subnet.<BR />And other Users on a different Subnet we have the same Issue.</P><P>Any Idear.</P><P></P><P>best regars</P><P>Alexander</P></BODY></HTML> Tue, 22 Jan 2019 12:05:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26217#M89194 Alexander_Baue1 2019-01-22T12:05:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26218#M89195 <HTML><HEAD></HEAD><BODY><P>do you have http inspection active?</P></BODY></HTML> Tue, 22 Jan 2019 12:08:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26218#M89195 Alessandro_Marr 2019-01-22T12:08:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26219#M89196 <HTML><HEAD></HEAD><BODY><P>Hi Alessandro</P><P></P><P>I assume that you mean HTTPS Inspection Trust, finally not, all the Traffic of Source and Destination is inside on different Zones.</P><P>The current Configuration was imported from a Cisco PXI.</P><P>Yesterday we found out that on the 3rd. Firewall who is not part on the Cluster Identity Awareness is enabled , we remove the</P><P>Because some Users are connect to this Firewall, and not to the Cluster.</P><P>Best regards</P><P></P><P>Alexander</P></BODY></HTML> Tue, 22 Jan 2019 12:15:20 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26219#M89196 Alexander_Baue1 2019-01-22T12:15:20Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26220#M89197 <HTML><HEAD></HEAD><BODY><P>Do you have the recent GA Jumbo Take 169 installed ?</P></BODY></HTML> Tue, 22 Jan 2019 12:19:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26220#M89197 G_W_Albrecht 2019-01-22T12:19:30Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26221#M89198 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>Have to check no remote access at the Moment.</P><P></P><P>Best regards</P><P>Alexander</P></BODY></HTML> Tue, 22 Jan 2019 12:30:20 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26221#M89198 Alexander_Baue1 2019-01-22T12:30:20Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26222#M89199 <HTML><HEAD></HEAD><BODY><P>is client machine a windows OS ? if yes, could you try just lock and unlock that machine and check if show user identity on log?</P><P></P><P>If your Domain controller has a short rotate event log you could be losting events of logon.&nbsp;</P><P></P><P>are you using AD query or identity collector?</P></BODY></HTML> Tue, 22 Jan 2019 12:41:47 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26222#M89199 Alessandro_Marr 2019-01-22T12:41:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26223#M89200 <HTML><HEAD></HEAD><BODY><P>Hi Alessandro</P><P></P><P>Just to come back, there is no role working on the Environment who show us the Computer name and the User Name, only Computer name will be displayed.</P><P>But if we, create a new Policy and searching for the can Browse the Active Directory and see all Object.</P><P>What I think is that he place first the Network Object on the Policy and the next Policy is using the Role.</P><P>So if the Policy with the Network Object is match, why should he check the Policy with the Role.</P><P></P><P>Sorry have to come back tomorrow.</P><P></P><P>No access at the moment.</P></BODY></HTML> Tue, 22 Jan 2019 12:52:33 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26223#M89200 Alexander_Baue1 2019-01-22T12:52:33Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26224#M89201 <HTML><HEAD></HEAD><BODY><P>Hello together</P><P></P><P>We have some news ☹</P><P></P><P>First the Issue is only with two Users in the same Group, other Users in the same Groups are working.</P><P>What did we do we add the missing Windows Domain Controller (total 5) to the LDAP Configuration, Result we can see now all Users from a other Location</P><P>who are not visible before. Remark have nothing to do with the Issue himself.</P><P>We change the Settings to read the LDAP Server from the Firewall himself (existing Object as Zone) to the to the real Name of the Servers (Host Object).</P><P>What did we assume the Firewall can read the LDAP Server because we have Hits on the Policy.</P><P>Test if User 1 is connected with PC 1 hi is not visible on the Log.</P><P>If the same User change to PC2 and log in we can see a Part of his Name in the Log Example Alex.B and not Alexander, Bauer.</P><P></P><P>Did we see in the Log the Display Name of the User from the Active Directory ?</P><P></P><P>Best regards</P><P>Alexander</P></BODY></HTML> Fri, 25 Jan 2019 08:52:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26224#M89201 Alexander_Baue1 2019-01-25T08:52:12Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26225#M89202 <HTML><HEAD></HEAD><BODY><P>Both PCs is on same domain, correct?</P><P></P><P>on each PC open a prompt and type the command "set", looking for line with LOGONSERVER and confirm if is the same DC.</P></BODY></HTML> Fri, 25 Jan 2019 10:44:37 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26225#M89202 Alessandro_Marr 2019-01-25T10:44:37Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26226#M89203 <HTML><HEAD></HEAD><BODY><P>take a look....</P><P></P><P><A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk93938" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk93938">Using Identity Awareness AD Query without Active Directory Administrator privileges on Windows Server 2008 and above</A>&nbsp;</P></BODY></HTML> Fri, 25 Jan 2019 10:47:19 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/LDAP-and-Role/m-p/26226#M89203 Alessandro_Marr 2019-01-25T10:47:19Z