identity awareness

FrankXie · ‎2022-07-20

Hello expert

I am poc identity awareness with browser based authentication.

I am trying to forward user from identify agent to radius server for authentication. My user name is in format abc@xyz.com, but I found identity awareness only forward abc to radius server, it stripped @xyz.com. My backend radius server hence reject request. How can I keep the full name?

----- sorry, turns out my problem is I can't find user abc@xyz.com in my domain xyz.com, but I can find abc in my domain xyz.com.

Then my problem is if I add xyz.com, my ldap server told me user doesn't exist.

If I don't add xyz.com, then my rsa server told me server not exist.

Is there a way checkpoint can remove xyz.com while search in ldap server?

Thanks in advance for your response.

Regards

Frank

Chris_Atkinson · ‎2022-07-21

Please take a look at sk122477 and discuss further with TAC as needed.

CCSM R77/R80/ELITE

FrankXie · ‎2022-07-21

Thanks Chris, I will reach out the TAC.

Sorin_Gogean · ‎2022-07-21

hi,

any reason you want to have the browser authentication ? I'm asking because we implemented Identity Awareness with AD via Identity Collector and all is good till now.

ty,

FrankXie · ‎2022-07-24

Mainly MFA.

Are you a member of CheckMates?

identity awareness