Forum Discussion

SCalNet's avatar
SCalNet
Icon for Altostratus rankAltostratus
Jul 22, 2025

Allow specific users to access F5's GUI?

Hi guys,   I've configured TACACS (Cisco ISE) for F's GUI authentication. From ISE, I allowed a security AD group access to F5's GUI, and it works.   There is a problem; the AD group has 10 users...
security
SCalNet's avatar
SCalNet
Icon for Altostratus rankAltostratus
Jul 23, 2025

The problem is that if i create a new security group in AD, for F5, other users who have permission in Ad and not responsible for F5 can put themselves in that new F5 group. I’d like to have a full control just so other who are not responsible can’t mess around so I look for a way to have a better security/control.

  • Injeyan_Kostas's avatar
    Injeyan_Kostas
    Icon for Nacreous rankNacreous
    Jul 23, 2025

    I understand your concern, but I respectfully disagree.
    In this scenario, anyone with sufficient permissions in Active Directory can potentially gain access anywhere by adding themselves to the appropriate groups.
    However, such actions are auditable and can be tracked.

    If there’s a fundamental lack of trust among colleagues, relying on local accounts might be a more appropriate solution.