https://community.checkpoint.com/t5/General-Topics/Identity-Awareness-LocalUser-log-in-after-DomainUser-on-the-same/m-p/95554#M18815 <P>Running a local Identity Agent would be the only way to solve this issue (which is what sk122638 says).&nbsp;</P> Sat, 29 Aug 2020 05:58:02 GMT PhoneBoy 2020-08-29T05:58:02Z https://community.checkpoint.com/t5/General-Topics/Identity-Awareness-LocalUser-log-in-after-DomainUser-on-the-same/m-p/95423#M18801 <P>Hi all,</P><P>i would like to ask you some advices on how to implement IA using Identity Collector.</P><P>If i understund well, by design IA with IDC take in consideration only about the auth events seen on the sources defined in the query pool.<BR />So if a LocalUser logs in on a windows client after a DomainUser logout, for the pdp/pep point of view, nothing is changed and the LocalUser take the same network access as the DomainUser.</P><P>As for sk122638 i suppose that there is no way to force the LocalUser to do a web-based authentication. It's right?<BR />Can the solution provided in this sk122638 be considered valid also for R80.20/30/40 and when a log out is performed?</P><P>Thanks in advance</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 27 Aug 2020 15:48:45 GMT https://community.checkpoint.com/t5/General-Topics/Identity-Awareness-LocalUser-log-in-after-DomainUser-on-the-same/m-p/95423#M18801 FraP 2020-08-27T15:48:45Z https://community.checkpoint.com/t5/General-Topics/Identity-Awareness-LocalUser-log-in-after-DomainUser-on-the-same/m-p/95554#M18815 <P>Running a local Identity Agent would be the only way to solve this issue (which is what sk122638 says).&nbsp;</P> Sat, 29 Aug 2020 05:58:02 GMT https://community.checkpoint.com/t5/General-Topics/Identity-Awareness-LocalUser-log-in-after-DomainUser-on-the-same/m-p/95554#M18815 PhoneBoy 2020-08-29T05:58:02Z