F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Mark_22062's avatar
Mark_22062
Icon for Nimbostratus rankNimbostratus
Jul 23, 2014

APM AD Auth and Trusted Domains

Hi there,

 

I have a domain trust between acme.com and contoso.com. The APM lives in the acme.com and can authenticate users against this domain using AD Auth. With the trust in place I want to allow users in the contoso domain to authenticate through the APM.

 

AAA AD server is configured for acme.com AAA AD Trusted Domain is configured for contoso.com with acme.com AAA selected and configured as the Root.

 

In the VPE the AD Auth is pointing to acme.com with cross domain support enabled. The trusted domains is grayed out.

 

What am I missing?

 

BIG-IP Access Policy Manager (APM)
microsoft
security

2 Replies

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Jul 24, 2014

    I'm guessing the Trusted Domains options is greyed out because you've selected a AAA server in the AD auth config. You can use one or the other.

     

  • Rene_Bader_1308's avatar
    Rene_Bader_1308
    Icon for Altostratus rankAltostratus
    Jul 24, 2014

    Mark,

     

    Your settings in VPE for AD Auth should be:

     

    Server: None

     

    Trusted Domains:

     

    Cross Domain Support: Enabled

     

    With a configured Server you cannot set the domain trust, just switch it back to None and the Trust should be selectable.

     

    Best

     

    René