Management and Gateways are running R81.20.
Currently users are created locally in SmartConsole, for each user a certificate is created. This is only used for RemoteAccess.
A few years ago it was only for a few users. Since everybody is more or less working remotely now we need to do this for every user.
We’d like to investigate the possibility of going from that model to using accounts from Microsoft AD. There wouldn’t be a need to create an account another time in CheckPoint.
We’re using Identity Awareness so LDAP account unit already exist.
Is it only a matter of enabling User Directory components in the properties of the management server?
I thought I had seen somewhere that you couldn’t have an internal user db and an external one at the same time. I can’t find that reference anymore so maybe it doesn’t matter.
thanks
Francis