- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi All
I want to enable identity awarness, not for rules but just so I can see the user in the logs.
Firstly, I am having issues querying the AD domain, it comes up with a red error saying the user is not a domain administrator, does the user account really need to be a domain admin?
Secondly, once its done, do I need to amend anything in my rulebase for it to capture the user?
Many thanks
I believe admin account is needed, though I helped customer once using sk93938 and that worked as well, so not a must I guess. You can also use access roles in the rules to capture a user.
Andy
Identity collector might be an alternative to explore here, see sk108235.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY