Configuring AD Query

For the overview, see AD Query.

Important - Before you configure AD QueryClosed Check Point clientless identity acquisition tool. It is based on Active Directory integration and it is completely transparent to the user. The technology is based on querying the Active Directory Security Event Logs and extracting the user and computer mapping to the network address from them. It is based on Windows Management Instrumentation (WMI), a standard Microsoft protocol. The Check Point Security Gateway communicates directly with the Active Directory domain controllers and does not require a separate server. No installation is necessary on the clients, or on the Active Directory server., you must:

Important - NTLMv1 and NTLMv2 authentication are supported. These are the default authentication modes in an R81.20 Security Gateway:

Security Gateway Version

Configuration Before the Security Gateway Upgrade

Default Authentication Mode

R81.20 - Clean Install

N / A

Note - Starting from R81.20, the default is NTLMv2.

NTLMv2

R81.20 - Upgrade from a lower version

Authentication mode was not changed using the adlogconfig command.

Note - In R81.10 and lower, the default is NTLMv1.

NTLMv2

R81.20 - Upgrade from a lower version

Authentication mode was changed to NTLMv1 using the adlogconfig command.

Note - In R81.10 and lower, the default is NTLMv1.

Example for R81.10 - An administrator changed the authentication mode from the default NTLMv1 to NTLMv2, and then from NTLMv2 back to NTLMv1.

NTLMv1

Procedure: