This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
M_Ruszkowski
Collaborator
‎2016-03-08 03:48 PM

Create a Domain without startup?

In R80 how do you create a new domain but do not start it?  So far the GUI and the API automatically starts the new Domain after creation. 

8 Replies
Eran_Habad
Employee
Employee
‎2016-03-08 10:18 PM

Hi Michael,

Currently in R80 this is not supported. We do plan to support it on future releases.

May I ask what is your use-case in which you don't want to start the new Domain automatically?

Eran

0 Kudos
M_Ruszkowski
Collaborator
‎2016-03-09 05:07 AM
In response to Eran_Habad

In all the past versions we can export a Domain/CMA and import into a new MDS.  However the only way to do this is to build a new Domain on the new MDS and then do not start it.  We would then take the export from the old Domain, then take this export and import it into the new domain and then start it afterwards.  If you start the Domain before the import, the import will fail.  So this feature is a must for migrating Domains on at a time.  We also use this feature to move a Domain from one MDS to another.  When you try and run a cma_migrate it will tell you in the output to not start the domain.   Without this feature Check Point is going to make our migration to R80 impossible in the near future.  I can't believe Check Point would even consider releasing R80 without this working.  You will probably find we are not the only customer that uses this feature.  

0 Kudos
Glen_Bayless
Employee
Employee
‎2016-03-09 08:43 AM
In response to M_Ruszkowski

In the current R77.x environments the process to import a CMA one at a time has improved so it is not necessary to create the domain without first starting it.

If you look at the windows carefully you should see at the bottom of one an "Import Options" section which allows you to enter the full path to an export file.

Doing this correctly will import your CMA without having to create it without starting it.

While I'm not 100% sure this feature will be in R80 I doubt they would have removed it in a future release.

How To Migrate from Security Management Server to Domain Management Server

0 Kudos
Eran_Habad
Employee
Employee
‎2016-03-09 08:48 AM

Hi,

To be more accurate -

It's not supported using the SmartConsole but it is supported using the APIs.

This is from the user manual -

Eran

M_Ruszkowski
Collaborator
‎2016-03-09 09:43 AM

That helps out a lot.  I did not see the option for "skip-start-domain-server".   I was using the directions from the "CP_R80_Multi-DomainSecurityManagement_AdminGuide.pdf" and it did not show this part.   I will give it a try.

Thank you!

From the "CP_R80_Multi-DomainSecurityManagement_AdminGuide.pdf"

To create a new Domain (add domain):

# mgmt_cli add domain name "<domain>" servers.ip-address "<ip_address>" servers.name "<domain_server>" servers.multi-domain-server "<multi_domain_server>"

0 Kudos
genisis__
Mentor Mentor
Mentor
‎2020-10-19 05:42 AM
In response to M_Ruszkowski

The part this is missing is how to assign a license to the CMA,  is there anyway to do this?  I have amds that is using legacy licensing so would need to assign a license per CMA.

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2020-10-19 06:08 AM
In response to genisis__

Go into topleft menu in Smartconsole and select Manage Licenses and Packages, which will start SmartUpdate.

In SmartUpdate go to the left pane Multi-Domain Licenses and select your CMA from the list right click on it and attach a license from repository.

When it will tell you there was a problem attaching the license try to make sure to attach the same license again, now it will give you the error that it is already attached.

Regards, Maarten
0 Kudos
genisis__
Mentor Mentor
Mentor
‎2020-11-07 01:50 PM
In response to Maarten_Sjouw

Is there not a way to attach a license using the mgmt_cli command in that way the whole build can be scripted.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top