Forum Discussion

Nimbostratus

Feb 23, 2011

AD DC's behind F5....

We have several applications that are antiquated and not AD aware. They authenticate against a specific DC rather than to AD as a whole. So, typical AD load balancing will not work and we prefer not...

config

design

Hamish

Cirrocumulus

Feb 23, 2011

Not really. Just a VS with tcp/389, SNAT if they're not routing back via the F5, translate IP and port (Or just IP actually should be fine if VS and servers are all :389). Persistence by srcip.

The monitor can probably be just a customisation of the built-in LDAP monitor (With the caveat some versions will follow LDAP referrals and mark the server as up anyway. You have to watch for that and customise to consider LDAP referrals as being down... Although that can be masked if the clients have the ability to follow the referrals AND have connectivity).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

AD DC's behind F5....

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

WAF sync across DC

AD DC's behind F5 + SNAT

F5 not seeing DC or server in the pool

F5 Big-IP VE on azure

Freezed F5 GUI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS