This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
prasannat
Employee
Employee
‎2020-09-25 01:35 AM

How to verify authentication mechanism used

I have a scenario where users had local accounts created on firewall and now we have created user accounts in the Active Directory. The local accounts are to be deleted and all users should authenticate via AD only in future. To avoid disruption and migrate all the AD based accounts smoothly, how to identify if user is authenticating locally or via AD.

0 Kudos
4 Replies
funkylicious
Advisor
‎2020-09-25 02:12 AM

In the logs you can check after the Key install logs, for the Decrypt packets and the field called Src User Dn which should contain the full path for the user in AD.

prasannat
Employee
Employee
‎2020-09-30 02:26 AM
In response to funkylicious

Thank you for your response. I managed to find the field, is there a way to export this information for all users which have this filed populated.  

Preview file
41 KB
0 Kudos
funkylicious
Advisor
‎2020-09-30 02:48 AM
In response to prasannat

You would require to do a ActiveDirectory query for all users and get the distinguishedName attribute.

It's basically the full path to which the AD user is found in the Forest/Domain .

0 Kudos
G_W_Albrecht
Legend
Legend
‎2020-09-30 07:00 AM
In response to prasannat

Try in SVTracker to show the column, filter and export.

CCSE CCTE SMB Specialist
0 Kudos