"No matches found" error when configuring an AD Authentication Server on Embedded GAIA appliance
The AD server's NetBIOS name (pre-Windows 2000) contains the '&' character, e.g. check-point is check&point.
1. Click 'Users & Objects > Authentication Servers > New'.
2. Fill in the Domain, IPv4 address, User name and Password fields.
The user needs to be assigned to the "Domain Admin" and "Schema Admin" groups in AD.
If the domain name DOES NOT MATCH the NetBIOS name, you will need to use NetBIOSname\username in the "User name" field.
For example: the domain name is CheckPoint with the suffix .local
Right-click the domain and click Properties to find the NetBIOS name, CHECK&POINT.
The user name will be CHECK&POINT\adadmin
The firewall automatically appends the domain name to the user name when authenticating. If the NetBIOS name doesn't match the domain name, the bind will fail.
3. Click Discover. If the information is correct, the User DN will populate.
4. Query the AD: VPN > Remote Access Users > Add > Active Directory Group
You should now see your AD groups:
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
- The & character in User name is not supported; support will be available in future firmware releases.
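
The values entered in step 2 can be checked from a domain-joined Windows host before they are typed into the appliance. The following PowerShell is an added example, not part of the original article or of Check Point's tooling. It assumes the RSAT ActiveDirectory module is installed, that the bind account is the article's example `adadmin`, that "domain name" means the first label of the DNS domain, and that the groups meant in step 2 are the built-in "Domain Admins" and "Schema Admins".

```powershell
# Added example: pre-check of the values for the appliance's Authentication Server dialog.
Import-Module ActiveDirectory

# Assumption: bind account from the article's example; replace with your own.
$BindAccount = 'adadmin'

$domain     = Get-ADDomain
$netbios    = $domain.NetBIOSName
# Assumption: "domain name" in the article is the first label of the DNS domain.
$firstLabel = ($domain.DNSRoot -split '\.')[0]

# Article's rule: when the domain name does not match the NetBIOS name,
# the "User name" field must be NetBIOSname\username.
if ($netbios -ieq $firstLabel) {
    $userNameField = $BindAccount
} else {
    $userNameField = '{0}\{1}' -f $netbios, $BindAccount
}

# Direct group memberships only; nested membership is not resolved here.
$groups  = Get-ADPrincipalGroupMembership -Identity $BindAccount |
           Select-Object -ExpandProperty Name
$missing = 'Domain Admins', 'Schema Admins' | Where-Object { $_ -notin $groups }

[pscustomobject]@{
    DnsDomain         = $domain.DNSRoot
    NetBIOSName       = $netbios
    UserNameField     = $userNameField
    ContainsAmpersand = $userNameField.Contains('&')
    MissingGroups     = ($missing -join ', ')
}

# The article states that '&' in User name is not supported on current firmware.
if ($userNameField.Contains('&')) {
    Write-Warning "User name '$userNameField' contains '&'; expect 'No matches found'."
}
if ($missing) {
    Write-Warning "Bind account is not a direct member of: $($missing -join ', ')"
}
```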