Quick summary: Has anybody successfully set up Windows 2000 Active Directory
as an LDAP- and CA-Server for Checkpoint Firewall-1 4.1 SP2?
Further information:
We've experienced some problems in our lab setting up Windows 2000 Active
Directory as an LDAP and CA Server for FW-1 4.1. We can't, either
automatically or manually, extend the schema with fw1 classes and attributes
successfully, meaning that when we use the AMC and try to modify some users'
entries, a 'class violation' message occurs. If we create a new entry and
try to save, a 'missing attribute' message appears. Ok, we've moved to use
the AD as a CA. All went okay, except when two firewalls try to exchange
their secrets, the logviewer states something about invalid Certificate
Revocation List for Firewall A (and no communication was possible). A quick
look with the networkmonitor told us that both firewalls get the revocation
list from the CA (Active Directory) successfully, so maybe it has something
to do with the syntax of the Revocation List?
I would really appreciate any quick feedback about this issue.
Regards,
sAM