Forum Discussion

Nimbostratus

Oct 05, 2017

Alternate realm for a real domain in BIG-IP

We have an interesting problem after we implemented BIG-IP in our organization. Situation: we have an AD forest with one top level domain (mycompany.local) and 10 child sub-domains (one is com....

alternate realm

application delivery

authentication redirection

BIG-IP

Stanislas_Piro2

Cumulonimbus

Oct 06, 2017

Hi,

I don't understand the issue...

when working with kerberos, 2 informations are used:

sAMAccountName
REALM

these information are sent with a format like UPN but not UPN:

sAMAccountName@REALM

when working with Kerberos Auth:

the client requests the web site
the server requests a kerberos auth
the client requests to the KDC to get kerberos ticket.
the client requests the web site including the token
the server (here the F5) decrypt the token. if decryption successful, user is authenticated. there is no communication to the KDC from the server.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Alternate realm for a real domain in BIG-IP

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

How can I get started with iCall

Related Content

Automating Certificate Management on F5 BIG-IP

Introducing the F5 AI Assistant for BIG-IP

BIG-IP security hardening and compliance checks

BIG-IP Report

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS