AD/LDAP Auth on rSeries F5-OS

We were able to get it working, but it wasn't ideal. The short answer is the uidNumber and gidNumber attributes must be explicitly added to each AD user. We did not setup any other attributes referenced in the guide.

For uidNumber, we just started at 1000 and sequentially worked our way up for each user. This is not ideal because according to our local AD admin, uidNumber is not a standard attribute that they can create/modify. Our local AD admin had to get our global AD admins to create the new attribute for each user. Additionally, there is no system in place in AD to auto-sequence the number, so I suppose that has to be tracked somewhere else? We have a small group of F5 admins that need access to F5OS, so it's manageable for us, but I imagine it would be a pain for a team with dozens of users.

For gidNumber, we set 9000 for each user because the only users logging into F5OS would be administrators. Again, this attribute is not considered standard so it required escalations to get it added to our users. We initially set the gidNumber on an AD group for F5 Admins as referenced in the solution article, but it seemed pointless because we still had to explicitly set gidNumber for each user.