Is it possible to change which LDAP attribute DynamicID uses when looking for mobile phone information?
I'd like to use "otherMobile" rather than "mobile". This is for R80.10
Not tested this change but you can try in lab.
In GuiDBedit navigate to:
+Managed Objects -> ldap -> Microsoft_AD
In the lower pane, find the Field: PhoneNumberAttr
Double-click PhoneNumberAttr and change its value to: otherMobile
Click File -> Save all
Exit GuiDBedit, Open SmartDashboard, and install policy to your gateway
Just something else about dynamicID that might help you from CheckPoint support:
"According to R80.10 Mobile Access Admin Guide page 152, The default country code is added if the phone number stored on the LDAP server or on the local file on the gateway starts with 0.
In this case, the user's phone number doesn't start with 0 and therefore the country code wasn't added to it.
In order to the default country code to be added we must have a 0 in the first number of the phone." I hope someone from Check Point can answer why there has to be a 0 in front of the phonenumber? In my country phone numbers doesn't start with 0.
Above is in the following SK: Configuring Two-Factor Authentication with DynamicID to send the OTP via email fails for Active Directory users
Thanks Enis, I can confirm that this worked.
Retrieving data ...