Forum Discussion

Josh_41258
Oct 21, 2011

Allow/Block access based on LDAP/AD Query

Hi,

My goal is to create an iRule or other mechanism that would allow or block access to a particular VIP. I'd like to query my Active Directory to see if a user is in a particular OU or Security Group, and allow/block access based on this criteria.

Is this even possible? If so, can someone give me some pointers?

Thanks!

  • Hi Josh,

    Try one of the following based on your LTM Version:

    (v9.3.x -):

    BIG-IP Local Traffic Manager version 9.3 Implementations: Configuring Remote Authentication for Application Traffic

    https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip9_3implementations/BIG_IP_9_3_Implementations_Gd-24-1.html

    (v10.2.x):

    Configuring Remote Authentication for Application Traffic

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_app_auth.html?sr=17218594

    Hope this helps.
  • Thanks, looks promising! Can I specify an LDAP object/group/etc that I do NOT want to be able to access a certain VIP? Or, is my only option to specify groups that CAN access the VIP? My ultimate goal needs to allow access to the VIP for everyone EXCEPT members of a certain group/OU/ldap resource/etc.

    Thanks
  • "is my only option to specify groups that CAN access the VIP?"

    I have never done it, but I understand the following is applicable.

    LDAP authentication with specific attribute

    http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/52/aft/813305/showtab/groupforums/Default.aspx

    "My ultimate goal needs to allow access to the VIP for everyone EXCEPT members of a certain group/OU/ldap resource/etc."

    Not sure if not (!) is usable in filter. Can you try?
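
Added example, not part of any reply in this thread and not F5 code: the standard LDAP search filter syntax (RFC 4515) does define a NOT operator, so an "everyone except this group" check can be written as below. The group DN, account names and directory entries are constructed, `is_allowed` is a simplified local model of the match, and whether a given BIG-IP version passes such a filter to the directory unchanged is an assumption the thread does not confirm.

```python
# Added example; the DNs, account names and entries below are constructed.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

DENIED_GROUP = "CN=Blocked,OU=Groups,DC=example,DC=com"  # hypothetical group DN
STAFF_GROUP = "CN=Staff,OU=Groups,DC=example,DC=com"     # hypothetical group DN


def escape_filter_value(value):
    """Escape characters that are special inside an RFC 4515 assertion value.

    Without this, a login name such as '*' would turn the equality match into
    a wildcard and could match an account other than the one being checked.
    """
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def deny_group_filter(username, denied_group_dn):
    """Filter that returns the user only if NOT a direct member of the group."""
    user = escape_filter_value(username)
    group = escape_filter_value(denied_group_dn)
    return f"(&(sAMAccountName={user})(!(memberOf={group})))"


def is_allowed(entry, username, denied_group_dn):
    """Simplified local model of how a directory evaluates the filter above.

    An entry with no memberOf attribute makes (memberOf=...) false, so the
    negation is true and the entry is returned. memberOf in Active Directory
    lists direct memberships only; nested groups are not covered by this test.
    """
    names = [v.lower() for v in entry.get("sAMAccountName", [])]
    groups = [v.lower() for v in entry.get("memberOf", [])]
    return username.lower() in names and denied_group_dn.lower() not in groups


ENTRIES = [  # constructed sample directory entries
    {"sAMAccountName": ["alice"], "memberOf": [STAFF_GROUP]},
    {"sAMAccountName": ["bob"], "memberOf": [STAFF_GROUP, DENIED_GROUP]},
    {"sAMAccountName": ["carol"]},  # no memberOf attribute at all
]

if __name__ == "__main__":
    for e in ENTRIES:
        name = e["sAMAccountName"][0]
        print(name, deny_group_filter(name, DENIED_GROUP),
              is_allowed(e, name, DENIED_GROUP))
```
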