- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- AD Query failed after upgrading patch KB5014702 on...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AD Query failed after upgrading patch KB5014702 on Active Directory
Hi friends,
Has anyone got this problem after uprading patch KB5014702 on AD:
After MS 2016 upgrade above patch, Identity Awareness says "bad credentials" when call to AD
Then I create new password on AD, and update this password on Checkpoint => this alarm disappear.
But then I re-enable blade "Identity Awareness", it says this account is not administrator (but it actually is Domain Admin)
Had anyone got this issue ? and how to overcome it.
Thank you!!
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My Workaroud is uninstalling patch KB5014702 on AD, then everything is fine again.
Thank you!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Mr Sorin,
My previuos post, I create new password for user on AD and checkpoint, and alarm "bad credential " disappears . I post this for error " the user is not administrator account", (but my account is Domain admin actually)
Thank u.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To debug, we’d probably need a TAC case.
That said, Identity Collector is a better way to go.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My Workaroud is uninstalling patch KB5014702 on AD, then everything is fine again.
Thank you!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is one of solutions, but for how long... This MS patch covers CVE-2021-26414, So my suggestion is to install it on Windows Server. As response to issue with AD Query you have two options:
Install latest JHF for your version of GW or implement Identity Collector....
More info you will find here:
Solution Title: Check Point response to CVE-2021-26414 - 'Windows DCOM Server Security Feature Bypass'
Solution ID: sk176148
Solution Link:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
![](/skins/images/74119E49EB1AA30407316FFB9151D237/responsive_peak/images/icon_anonymous_message.png)