- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hi All,
I need your suggestion on this, could you please let me know how to configure Identity awareness for 2 domains.
We have 2 domains and we need to configure Identity Awareness for both the domains. Is this possible?
Is yes can you please let me know how to achieve this? This is the first time i am implementing the Identity awareness, so let me know what all the best back-out plan if something goes wrong.
This is a very broad and complicated topic - please study the CP Identity Awareness Admin Guide (for R77 or R80 versions) first to be able to select the best configuration for the customer. A very good way to get information from several DCs is the Check Point Identity Collector, see sk108235 !
Thank you Gunther, i will go through the SK and will get back to you if any doubts.
Hi Gunther,
I went through multiple docs and the SK you shared and found that there is a possibility of configuring multiple domains. As per the adminisration guide. But no where i see the help to how we configure and where to configure.
Identity Awareness R80.10 Administration Guide
As per the note in the administration guide below:
Notes:
So that says we can configure additional AD, but not sure how to configure. Is there any who tried this? Any suggestions help please.
Identity Source does mean something else - here, you have to follow sk97837: How to add Multiple LDAP Servers into AD Query.
Thank you Gunther
I will check this and configure in the standby site first and then if any doubts will get back to you.
I have not tested it, but I would say that it should work like this:
When using the Identity Awareness wizzard you only have the possibility to add one AD/domain.
For the second AD/Domain you need to add a LDAP Account Unit manually.
After that go into your gateway's properties --> Identity Awareness
Select the settings of the identity sources you are using.
Go to the authentication settings and add the LDAP account unit you added before to the user directories:
Cheers
Sven
Hi Sven,
Could you please be more clear on this. I will add one AD/Domain from the Wizzard and the second one as below SK.
How to add Multiple LDAP Servers into AD Query
And then what should i do to proceed to get this working? Please give me steps or any SK that could help. Because today at 3PM UK i will be implementing it. As of now i am not seeing any Identity awareness settings hope it will be enabled only after i enable the blade.
What the SK forget to tell is: If you want to add a second AD you need to an a new LDAP Account Unit.
The you can add the new LDAP Account Unit as described in the SK.
Cheers
Sven
Hi All,
I tried configuring the first domain, but during the first step it failed with the below error message.
SmartDashboard could not connect to 10.10.10.1 - Could not communicate with Server.
HI Sanjay,
for connection to the AD you need several open ports.
Please check R80.x Ports Used for Communication by Various Check Point Modules
Additinally you need users with specific rights in the AD.
Hope this will help.
Cheers
Sven
Thank you Sven for the reply.
Could you please help me to know whether there should be access from Management server to the AD server for which we will enable the Identity awareness blade?
What all pre-requisites for getting this happen other than ports? Please help.
Just for clarification does the AD server needs to be reachable from both Management server and Gateways to get this working?
Yes.
For creating access-roles using the SmartConsole you have to select specific items from the AD tree.
For this operation you need to have access from the management server to the AD
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
20 | |
18 | |
18 | |
11 | |
11 | |
7 | |
7 | |
7 | |
6 | |
5 |
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 02:00 PM (EDT)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - AMERAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY