[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] SSO and SDL
Bob, thanks for following this thread through. I was also able to get everything 2 work, here was my problem: As part of our NT lock down we set cachedlogoncount to 0 on all Win NT boxes. This prevented local logon without a domain controller. Once I reset this to 1, everything worked minus the following 2 things: 1.) No, the logon script does not run 2.) My Network Neighborhood works about 50% percent of the time. Not sure why. I am putting together a document that puts everything together, including rule examples, group memberships, .C file changes, and client setups that will hopefully make it easy to understand. If anyone wants a copy of this email me directly and I'll ship it out when done. Mind everyone, this is only for 4.1 SP2 versions of everything. thanks again... Patrick D. Baird Senior Solutions Developer - MCSE mVest Technology Solutions, Inc. 1700 Paoli Pike Malvern, PA 19355 Wk:Cl:-----Original Message----- From: Bob Bisignani [mailto:[email protected]] Sent: Wednesday, September 20, 2000 1:33 PM To: [email protected]; [email protected] Subject: Re: [FW1] SSO and SDL >From my limited experience: Try logging on as your NT Domain Account - just like you are on your internal LAN. Enable SDL only Try from the Internet, logging on using your regular NT Domain Account SecuRemote should launchput in the necessary credentials to access our network - SecuRemote/Check Point credentials You should see your logon script execute, if you have one - PLEASE LET ME KNOW IF IT WORKS FOR YOU, IT DOESN'T WORK FOR ME. Server Mgr, User Mgr for Domains should work. I have been able to add a PC to the Dmain from the outside using this, change a password, have user who has never logged on before logon etc. BUT THE LOGON SCRIPT DOES NOT WORK. I had to include :netbios_nat (true) in my objects.C file to get this to work and change my dnsinfo.C fiel to include my pdc and domain. Bob >From: Patrick Baird <[email protected]> >To: "'[email protected]'" ><[email protected]> >Subject: [FW1] SSO and SDL >Date: Tue, 19 Sep 2000 14:36:16 -0400 > > >This was formerly "[FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry". > >Magically, I say that because I'm not sure what I changed to fix it, I can >now browse network neighborhood. I now have a "thicker skulled" question >about SSO and SDL. > >When I have an NT laptop, I am logging in with a local username and >password >to that machine. So the machine domain, and not with cached credentials. >What do I have to put in for SSO NT username? I want SSO and SDL to use my >"network account" when started, but is SSO fired up based on who you login >as? > >I hope my problem is clear, and its 4.1 SP2 on NT, with 4165 as the >SecuRemote client. > > >thanks! > >PDB > > > >=========================================================================== ===== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html >=========================================================================== ===== _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|