Hi to all,
I want to use the LDAP-Server of W2K and the Account-Management-Modul of
FW1. After I created the needed object classes and attributes I can
manage the users of the ADS.
The problem is, that I cannot create groups with the Account Management
Clients because a group for FW1 is a object of the objectclass
"groupOfNames". For W2K all groups are of the objectclass "group".
So I cannot use external user groups in Client Authentication Rules , if
I use the option "Only Group in branch (DN prefix)" because FW1 asks the
ldap-server (ADS) of objects with objectclass "groupOfNames" or
"groupOfUniqueNames".
The only possibility is creating the objectclass "groupOfUniqueNames" in
ADS because the objectclass "groupOfNames" exists but is of the type
"Abstract class" and you cannot create objects of objectclass with type
"Abstract class" in ADS. But so I have to use a script to create groups.
Has anyone a other solution of this problem, can I change the behaviour
of FW1 ????
Best regards
Daniel Fitzner
------------------------------------------------------------------------
----
Daniel Fitzner
IT-Services
T-Systems debis Systemhaus GEI GmbH / GS Berlin
debis Haus am Potsdamer Platz
10875 Berlin
mail: [EMAIL PROTECTED]
fon: +49 30 2554-3266
fax: +49 30 2554-3187
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
