Forum Discussion
Can you share configuration of AAA > AD for both working and not working configurations?
Do you have any relevant entries in access logs? Did you increase the log level of Access Policy to debug? (Configuring the BIG-IP APM Logging Levels (12.x and newer) (f5.com))
- BravoNimbostratus
Dear Amine
Please see the configurations.
The one used as "pool" is not working
The one used as "Direct" is working.
The logs shows as below:
01490010:5: /Common/Azure_AD_Servers:Common:f040bbbf: Username ''
Feb 25 13:19:24 exlb-f502.azure.com err apmd[14492]: 01490107:3: /Common/Azure_AD_Servers:Common:fb31d8a4: AD module: authentication with 'xxxx' failed: Cannot contact any KDC for realm 'ZZZ.COM', principal name: arul@ZZZ.COM (-1765328228)Thank you
Arul
What is the status of the pool member?
I also think you should use a tcp health monitor with port 88 to make sure the DC is up and running.