- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
I have a scenario where users had local accounts created on firewall and now we have created user accounts in the Active Directory. The local accounts are to be deleted and all users should authenticate via AD only in future. To avoid disruption and migrate all the AD based accounts smoothly, how to identify if user is authenticating locally or via AD.
In the logs you can check after the Key install logs, for the Decrypt packets and the field called Src User Dn which should contain the full path for the user in AD.
You would require to do a ActiveDirectory query for all users and get the distinguishedName attribute.
It's basically the full path to which the AD user is found in the Forest/Domain .
Try in SVTracker to show the column, filter and export.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY