Haven't got lookde through previous messages but in the encryption scheme of every user object in the ldap, you'll find 'IKE' and there 'Password' and 'Certificates' checkboxes. May you've to set a password there?
SAM -----Original Message----- From: Robert Ramiega [mailto:[EMAIL PROTECTED]] Sent: Donnerstag, 23. Mai 2002 10:06 To: [EMAIL PROTECTED] Subject: Re: [FW-1] SecuRemote authentication over LDAP On Thu, May 23, 2002 at 08:49:26AM +0200, Samuel Wuethrich wrote: > Did you applied the schema enhancements on the active Directory itself > successfully? I've see this error if that was not successfully done. I admit i didn't do that, but i have identical effects when authenticating agains iPlanet LDAP server to which i did apply schema enhancements. I even asked a question about it here some month ago or so. Note also that Mario did apply enhancement to his AD server. > On Wed, May 22, 2002 at 11:39:38AM +0200, Mario Mangano wrote: > > Hi, > > I'm trying to realize authentication of a SecuRemote client on FW-1 > > NG gateway. Users are defined on a Acrive Directory LDAP server > > without SSL. When user authenticats, firewall responds "no > > pre-shared secret defined for user". I've realized extension of the > > schema with ldapmodify command. -- Robert Ramiega <[EMAIL PROTECTED]> RR282-RIPE Security Team Leader | Systems Administrator TDC Internet Polska SA | PDi Ltd ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
