Forum Discussion

Slayer001's avatar
Slayer001
Icon for Cirrus rankCirrus
Jan 06, 2020

AD authentication with LDAPS

Is it possible to create a layered Virtual Server to intercept the LDAP request towards the AD DC's and use LDAPS for the connection? We need to have LDAPS (TCP-636) for the AD auth instead of the d...
ad
application delivery
BIG-IP Access Policy Manager (APM)
ldaps
  • Slayer001's avatar
    Slayer001
    Feb 11, 2020

    Been some time but didn't have time to test it out. I tried with Pool but same result.

    Logged a support case and they confirmed it's not possible with AD auth. They said they know the security patch is coming and are working on something. It should be there before the Microsoft security patch is released.

Slayer001's avatar
Slayer001
Icon for Cirrus rankCirrus

This is used for authenticating users in an APM policy. So the internal VS is defined in the settings of a new object under Access --> Authentication --> AD

Mitheor's avatar
Mitheor
Icon for Cirrus rankCirrus
Jan 08, 2020

Hi,

 

so, let me see if i understand it correctly.

 

You´ve created an access policy that uses an AAA (AD) object that points to a Virtual Server but the packet is not being processed by that same VS?

 

If that´s the case, have you collected any logs of any AAA request?