Manualshelf

Troubleshooting guide

ManualsBrandsBay Networks ManualsComputer equipmentBayRS
81828384858687888990
Chapter 8 Troubleshooting LDAP Servers and the AMC Installation Issues
Advanced Technical Reference Guide 4.1 June 2000 83
Choose Manage Users and define a default user.
In the policy editor, enter a user authentication rule.
Test the connection.
If the problem persists, then it is not related to the LDAP server.
2. If the problem disappeared, try to initiate a “user authentication action” rule with users defined on the
LDAP.
3. If the problem disappeared, then it might be a SR or encryption issue.
4. If you have reached this point, then the problem is probably LDAP related, and this document should help
you solve it. Try to locate the log files on the LDAP, which may contain error messages that indicate the
cause of the problem.
Installation Issues
Refer to the LDAP Server’s user guides for information on how to install the LDAP Server, and follow the
instructions carefully.
Account Management Client Installation
Important: Only AMC builds 140 and above are Y2K compliant.
The Account Management Client can be installed on Windows 9x and Windows NT (Intel only).
If you are updating an older version of the Account Management Client to AMC builds 140 or 142, a message
will appear asking whether you would like to update all the objects on the current Account Unit. For more
information on updating your Account Units, see the Check Point Account Management Client Build 140
Release Notes at http://www.checkpoint.com/support/technical/documents/index.html.
Please note that this is relevant to AMC builds 140-142 and may change in the future.
Configuration Issues
In order to properly configure the Account Management Module, the administrator must be familiar with the
following:
LDAP
configuring an LDAP server
configuring the VPN-1/FireWal~1 GUI
configuring the Account Management GUI
The first goal is to enable a user defined in an LDAP Server to authenticate to the VPN/FireWall Module using
a fixed password. After this modest goal is achieved, you can undertake something more complex.
See: How to integrate Account Management and Netscape LDAP Server v3.1 with VPN-1/FireWall-1 (Solution
ID: 55.0.4222079.2607206) in the Check Point Technical Services site.
Configuring an LDAP Server for VPN-1/FireWall-1 Indexing
As mentioned in the User Guide, to maximize an LDAP Server’s performance, it is recommended to index the
LDAP Server according to the following attributes:
DN
UID