Push the Windows Credentials to Endpoint Security client or vice versa
Hello,
We are using the Endpoint Security client with AD authentication.
We are working to avoid two logins: one login/password to connect to the VPN, then the same for Windows authentication.
Is there a way to:
1- connect first to the VPN client with AD credentials (SDL), then "pass" the information to the Windows login screen so that the user is logged in?
OR
2- log in to the Windows login screen and then push the credentials (script, Windows credentials...) to the endpoint client, which automatically logs in to the VPN GW?
Thank you in advance.
We are using E80.x and R80.20 platforms.
Regards
Accepted Solutions
The single sign on capabilities are tied to Check Point's implementation of Full Disk Encryption.
Xavier,
You should enable SecureDomainLogin on the VPN client.
With this you can start your VPN tunnel before you log in to Windows, and the credentials are passed to the Windows logon.
There is no need to authenticate twice.
Wolfgang
Hello Wolfgang,
Thank you for your reply. SDL is already set up.
The user connects to the VPN client, then he gets the standard Windows logon... there is no "auto logon feature". Is that something that needs to be activated somewhere?
Thank you,
Best regards
Xavier
Have a look at the client guide:
REMOTE ACCESS CLIENTS FOR WINDOWS 32/64-BIT E80.72 AND HIGHER
page 53, Secure Domain Logon (SDL)
Wolfgang
PS: Do you have only the VPN client installed, or is it running with FDE in place?
Hello again,
The laptop is encrypted with BitLocker and the endpoint client E80.87 is installed.
Maybe that's the reason?
Not sure, but sounds the same:
Support for FDE SSO functionality and Explicit SDL on Endpoint Security Client
Wolfgang
Hey Wolfgang,
I know this post is a bit older, but we have the same problem here: Endpoint Security Client 86.50 with SDL enabled.
The icon appears on the Windows logon screen. I can connect to the VPN, but after that my Windows logon must be done separately. FDE or BitLocker is not active on our test client.
Regards
Auto-signin to Windows only works with FDE installed to the best of my knowledge.
Thanks for the quick reply. Our notebooks don't support FDE but BitLocker encryption. Is this equal?
With active BitLocker there is no improvement.
Regards
The single sign on capabilities are tied to Check Point's implementation of Full Disk Encryption.