Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Identity Awareness ignores machines

Jump to solution

Hello! 

I am setting up a test environment. There is a distributed installation of Check Point, a pair of test computers, AD DS, IIS. AD Query connects correctly. Then, when changing the user, the message "Machine (machine name) at (IP address) has 1 users (or more) currently connected to it, and will be automatically ignored" appears in the logs. I did not make any additional settings on the gateway or in the account unit. Please tell me how to fix it.

Thanks!!

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Admin
Admin
4 Replies
Highlighted
Admin
Admin

Quoting from here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

  • User Change: If an unknown user association is encountered, and "assume one user per IP" is "on", all of the currently associated users are revoked, and the new association is added as the only user for this IP address. If there were any machine associations for this IP address, they are left intact. See "Single User Assumption" in the Identity Awareness Administration Guide for more information.

  • Multi user host detected: If 7 (by default) users are currently associated for the same IP address, the IP address is automatically considered a "multi user host". A log about it is issued, all of the currently associated users are revoked and all new user associations for this IP address are ignored.

In a nutshell, AD Query as the default choice only working reliably if users do not change machines too often. AD Query looks for log on events only and ignores log off ones. You can tweak the behaviour by tuning "Single User Assumption" settings (see the guide), but if you want a reliable tool allowing often user changes on a single PC, use IA Agent.

Highlighted
Admin
Admin
Highlighted
Thanks! It was a Multi-User detection threshold.
Highlighted
Admin
Admin

I am glad it works for you now

0 Kudos