For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Almassud_221797's avatar
Almassud_221797
Icon for Cirrus rankCirrus
Nov 13, 2015

Active Directory Authenitcation

Hi all,   could anyone provide a step-by-step instruction on how to setup F5 to authenticate against active directory? I found so many SOL, but so far they are helping all that much, so if it's s...
BIG-IP
LTM
security
R_Marc's avatar
R_Marc
Icon for Nimbostratus rankNimbostratus
Nov 14, 2015
create auth ldap system-auth { bind-dn "cn=bindaccount,ou=Service Accounts,ou=Some Users" bind-pw bindpw login-attribute samaccountname port ldaps search-base-dn "ou=Some Users" servers add { adserver } ssl enabled ssl-ca-cert-file CA.crt user-template %s@somedomain }
modify /auth remote-role role-info add { Admin { attribute "memberOf=CN=administrator,OU=SomeOU Groups" console tmsh line-order 500 role administrator user-partition All } }
modify /auth source { type active-directory }

This assumes you have a valid AD bind account and you have the DN of the remote role. You can look the roles up using AD tools.