Create a Post
Showing results for 
Search instead for 
Did you mean: 

Move from Identity Awareness AD Query to ID Collector now

Microsoft further hardens Windows and enforces it's DCOM security feature in response to CVE-2021-26414. On June 14, 2022, Microsoft will go into the second stage of hardering DCOM, and the mentioned change may interfere with your current AD Query implementation. More details about this can be found in sk176148.

While Check Point R&D is apparently working to overcome this issue, now it is a good time to consider moving from AD Query to Identity Collector implementation.

This has been discussed before. I'll focus on Check Point Best Practices and Solutions.

  •  (PDF) Identity Awareness: Reference Architecture & Best Practices
    • recommends ID Collector because of security (requires low privileged account only, while AD query requires a high privileged account)
    • recommends ID Collector because it's better suited for low, medium and large scale deployments (the use case for AD query is small deployments only)
    • recommends ID Collector because it's low resource use (AD query has high resource use)
    • recommends ID Collector because it's realtime identity assurance
    • recommends ID Collector for company's headquarters together wi
TO READ THE FULL POST it's simple and free


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events