- CheckMates
- :
- Products
- :
- Harmony
- :
- SASE
- :
- Re: Harmony Connect error "your organizational ema...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Harmony Connect error "your organizational email domain is not mapped"
Hello Mates!
My customer is trying to connect a new user in Harmony Connect App and the following error occurs:
I'm not sure, but I think it's a new domain, the old one is @euemdia.com.br there's a slight difference between it.
How can I map this new domain in the account?
Thank you!
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi everyone,
I'm Tamir from the Harmony Connect team.
To give some background to this issue :
Harmony Connect supports 2 types of users.
1. Local-users : Which are users who are stored at Check Point. In simple terms it's Check Point's IDP. This is the default setting.
2. IDP users : Which is users who are connected via the Infinity Portal admin's chosen IDP. This requires the Infinity portal admin to add an IDP configuration in Harmony Connect (Under settings -> Identity provider).
For both types of users the following most of the time resolves the issue :
Going into the browser settings -> Downloads settings (chrome://settings/downloads (if you are using Chrome)) -> And disabling "Ask where to save each file before downloading"
Note : Please make sure to not re-name the file downloaded from the Harmony Connect Portal/Website as it includes information which is needed to activate the Harmony Connect agent.
Notes on local-users :
If you are getting prompted the prompt that asks for an email address, something isn't right and you should contact Check Point if the above solution didn't help.
Notes on IDP users :
Make sure the IDP is fully configured with the domain you are trying to input.
If you are still getting this error, please don't hesitate to reach out to Check Point.
Let me know if my comment helped!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think my colleague had that exact issue with a customer, let me ask him and will get back to you.
Cheers mate 😇
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @the_rock !
I will be grateful mate!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry, meant to reply earlier, but forgot, my bad. My collegue said to double check in global properties that domain is indeed there, otherwise, you may need to confirm with support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @the_rock I can't find domain configurations in global settings on Harmony Connect portal. Where do I find this section about domains?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think that I found where this configuration must be put in, but I'm not sure how.
When I tried to validate the domain @emdia.com.br it returns an error, but I don't know how to insert this new domain there.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Wait...what is your identity provider? Also, is any domain showing as connected or no?
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My Identity provider is the MS Azure AD. I already have those 2 domains that work fine so far.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not 100% positive, sorry, I dealt with harmony connect only once before. Did you have to do anything on Azure side for the other 2 domains?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry for the late answer @the_rock .
I got this environment just a few days ago, I'm not sure how the things were made previously, but I think that on Azure side was not needed any changes in the first time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can verify with curl_cli -k command on the gateway, just do it for all 3 domains and see what happens, if results are the same or not.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Bernardes,
Try to download the agent by using another browser. Sometimes the google chrome and other variants mess the agent profile.
Cheers,
Victor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi everyone,
I'm Tamir from the Harmony Connect team.
To give some background to this issue :
Harmony Connect supports 2 types of users.
1. Local-users : Which are users who are stored at Check Point. In simple terms it's Check Point's IDP. This is the default setting.
2. IDP users : Which is users who are connected via the Infinity Portal admin's chosen IDP. This requires the Infinity portal admin to add an IDP configuration in Harmony Connect (Under settings -> Identity provider).
For both types of users the following most of the time resolves the issue :
Going into the browser settings -> Downloads settings (chrome://settings/downloads (if you are using Chrome)) -> And disabling "Ask where to save each file before downloading"
Note : Please make sure to not re-name the file downloaded from the Harmony Connect Portal/Website as it includes information which is needed to activate the Harmony Connect agent.
Notes on local-users :
If you are getting prompted the prompt that asks for an email address, something isn't right and you should contact Check Point if the above solution didn't help.
Notes on IDP users :
Make sure the IDP is fully configured with the domain you are trying to input.
If you are still getting this error, please don't hesitate to reach out to Check Point.
Let me know if my comment helped!