Active Directory Scanner
R81 Harmony Endpoint Server Administration Guide|95
• SSL Enabled - Uses SSL Tunneling. You must have an SSL certificate installed on
  the Domain Controller. By default, this is not selected.
• Port - The port over which the scan occurs.
• Scan Interval - The Endpoint Security Management Server sends a request to the
  Domain Controller to see if changes were made to the domain. If changes were
  made, the Directory Scanner synchronizes Endpoint Security nodes in the Users
  and Computers tree with nodes in the Active Directory. The Scan Interval is the
  time, in minutes, between the requests.
7. Click OK.
The scan shows in the Organization Scanner window.
Note - Scanning the Active Directory takes time. AD objects show in the sequence
in which they are discovered.
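A pre-flight check for the SSL Enabled setting above, as an added example that is not part of the original guide or of the product: it validates the Domain Controller's certificate against your CA and reports upcoming expiry or a host name mismatch. The host name, CA file path, 30-day warning window and the assumption that the configured Port accepts a direct TLS handshake are illustrative; the sample certificate is constructed.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict form returned by SSLSocket.getpeercert().
SAMPLE_CERT = {
    "notAfter": "Jun  1 12:00:00 2030 GMT",
    "subjectAltName": (("DNS", "dc01.corp.example"),),
}

def fetch_dc_cert(host, port, ca_file):
    """Handshake with the Domain Controller on the scanner's configured port.
    Raises ssl.SSLError if the chain or host name fails validation against
    ca_file (hypothetical path to the CA that issued the DC certificate)."""
    ctx = ssl.create_default_context(cafile=ca_file)
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def _name_matches(pattern, host):
    """Exact match, or a single left-most wildcard label (*.corp.example)."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def review_cert(cert, host, now, warn_days=30):
    """Return a list of findings; an empty list means nothing to fix."""
    findings = []
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    days_left = (expires - now).days
    if days_left < 0:
        findings.append("expired")
    elif days_left < warn_days:
        findings.append(f"expires in {days_left} days")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(_name_matches(n, host) for n in names):
        findings.append("host name not in subjectAltName")
    return findings

if __name__ == "__main__":
    # Offline run on the constructed sample. Against a real DC, use:
    #   cert = fetch_dc_cert("dc01.corp.example", <configured port>, "ca.pem")
    now = datetime.now(timezone.utc)
    print(review_cert(SAMPLE_CERT, "dc01.corp.example", now) or "no findings")
```

A certificate that expires between scans makes the TLS handshake fail, so rerun the check ahead of the expiry date.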
The Organization Scanners Page
In the Deployment tab > Organization Scanners page, you can see all configured scans and
their statuses. You can also do these operations:
• Add Directory Scan - Configure a scan of an Active Directory domain or OU.
• Edit - Edit a configured scan.
• Remove - Remove a scan from the list. It will not occur again.
• Rescan - Run a selected scan on demand.
• Start/Stop - Click the start or stop icon to start or stop a scan.
• Smart Card certificate scanning setting > Configure - Configure if all user certificates
  are scanned for Smart Card information during a scanner instance, or only those with the
  Smart Card Logon OID.
Directory Synchronization
At the specified interval of a scanner instance, the Directory Scanner synchronizes Endpoint
Security nodes in the Users and Computers tree with nodes in the Active Directory. When
synchronization occurs:
• New Active Directory objects are added to Endpoint Security and inherit a policy
  according to the Endpoint Security policy assignment.
• Deleted users are removed from the Users and Computers tree, but only if they had no
  encrypted removable media devices. Deleted users with encrypted removable media
  devices move to the Deleted Users/Computers folder. The user no longer exists in the
  Active Directory, but the server keeps the encryption keys for possible recovery.
  You can delete these users manually using SmartEndpoint.