When you use Check Point Endpoint Security not solely with Active Directory, you have to maintain a local database of clients protected by Endpoint.
Every clients registers to the Endpoint Server and retrieves a license after installation of the product.
If this clients is removed from your network and is no longer active, the license is not freed unless you delete the client object with SmartEndpoint.
This may lead to a situation where the license counter is exceeded and new clients can’t get a license – even if the total number of active clients complies with the licensed value.
With Check Point delivers a solution to this problem with a that lists computers that have a license but have not contacted the Endpoint Server within the last 30 days – and that are likely to be phantom clients.
When you try to execute the script it might not work at first.
I tested it on an installation with E80.41. On this Endpoint server the PATH variable did not contain the directory with the postgreSQL binary. In my case this was C:Program Files (x86)CheckPointCPSharedR75.40databasepostgresqlbin
After copying the script into this directory I was able to call it and retrieve the results.
Sadly, the number of listed clients was very small. After examining the script I found that only clients who joined the windows domain were shown: AND device.is_in_domain=true
When I removed this condition, I got a complete list of clients that had a license but had not contacted the Endpoint server for the last 30 days.
Unfortunately, the script only displays the distinguished name and leaves out the common name, under which the client can be located when using the local database as well.
I modified the script from
select distinct (device.nid), device.distinguished_name from device
to
select distinct (device.nid), device.distinguished_name, device.common_name from device
This brought me the whole list of clients and I was able to exam them one by one – and delete them manually, if they no longer existed, freeing the needed licenses.
Tobias Lachmann