This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Xavier_FIQUET
Participant
‎2020-01-23 09:07 AM
Jump to solution

Push the windows Credentials to Endpoint Security client or vice versa

Hello,

we are using endpoint security client with AD authentication.

we are working to avoid 2 times logins :  one login/password to connect to the vpn , then the same for windows authentication.

 

is there a way to:

1- connect first to the vpn client with AD credential ( SDL) , then to "pass" the information to the windows login screen so that the user is logged ?

OR

2- login to windows login screen and then push the credentials (script,windows credentials).. to the endpoint client that automatically log to the vpn gw ?

 

thank you in advance.

we are using E80.x and R80.20 platforms

 

regards

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-09-08 10:46 AM
In response to Andre91
Jump to solution

The single sign on capabilities are tied to Check Point's implementation of Full Disk Encryption.

View solution in original post

0 Kudos
9 Replies
Wolfgang
Authority
Authority
‎2020-01-23 11:04 AM
Jump to solution

Xavier,

you should enable SecureDomainLogin on the VPN client.

With this you can start your VPN tunnel before you login to Windows and the credentials are passed to the windows logon.

There is no need to authenticate twice. 

Wolfgang

0 Kudos
Xavier_FIQUET
Participant
‎2020-01-24 05:09 AM
In response to Wolfgang
Jump to solution

hello Wolfgang,

 

thank you for your reply. SDL is already setup.

the user is connecting to the VPN client, then, he got the standard windows logon .. there is no "auto logon feature". is that something need to be actived somewhere ??

 

thank you,

best regards

 

xavier

0 Kudos
Wolfgang
Authority
Authority
‎2020-01-24 05:45 AM
In response to Xavier_FIQUET
Jump to solution

Have a look at the client guide:

REMOTE ACCESS CLIENTS FOR WINDOWS 32/64-BIT E80.72 AND HIGHER 

page 53, Secure Domain Logon (SDL)

Wolfgang

PS.: Do you have only VPN client installed or running with FDE in place ?

0 Kudos
Xavier_FIQUET
Participant
‎2020-01-24 05:51 AM
In response to Wolfgang
Jump to solution

hello again,

the laptop is encrypted with bitlocker and  the endpoint client E80.87 is installed.

maybe that's the reason ?

0 Kudos
Wolfgang
Authority
Authority
‎2020-01-24 05:55 AM
In response to Xavier_FIQUET
Jump to solution

Not sure, but sounds the same:

Support for FDE SSO functionality and Explicit SDL on Endpoint Security Client 

Wolfgang

0 Kudos
Andre91
Explorer
‎2022-09-06 06:55 AM
In response to Wolfgang
Jump to solution

Hey Wolfgang,

I know this post is a bit older but we have the same problem here. Endpoint Security Client 86.50 with SDL enabled.

The icon appears on the windows logon screen. I can connect to the vpn, but after that my windows logon must be done seperately. FDE or bitlocker is not active on our test client.

Regards

0 Kudos
PhoneBoy
Admin
Admin
‎2022-09-06 07:16 AM
In response to Andre91
Jump to solution

Auto-signin to Windows only works with FDE installed to the best of my knowledge.

0 Kudos
Andre91
Explorer
‎2022-09-08 07:15 AM
In response to PhoneBoy
Jump to solution

Thanks for the quick reply. Our notebooks don´t support FDE but BitLocker encryption. Is this equal?

With active BitLocker there is no improvement.

Regards

0 Kudos
PhoneBoy
Admin
Admin
‎2022-09-08 10:46 AM
In response to Andre91
Jump to solution

The single sign on capabilities are tied to Check Point's implementation of Full Disk Encryption.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events