AnsweredAssumed Answered

Identity awareness - groups from AD

Question asked by Tomas Kolek on Aug 6, 2018
Latest reply on Aug 6, 2018 by Tzvi Katz

Hello,

 

we have issues with Identity Awareness on Checkpoint firewalls R80.10. We are using Terminal Servers for Citrix users. Users are correctly authenticated on AD but they are not receiving all AD groups. 

For example:

I should by in 8 groups on AD but in the output from pdp monitor all  on gateway (on active cluster member) I can see only 5 AD groups and thus I don't have access to some systems. It looks like Checkpoint ignores several groups/roles. Configruation on AD is correct. 

Could you please help me with this issue? Why Checkpoint ignores some AD groups? 

 

Thank you

Best regards,

Tomas

Outcomes