Forum Discussion
APM Auth to Multiple AD
Scenario is that we have different networks which use different Active Directory domains which are in separate forests with no trust between them.
I already have a Virtual Server on the APM platform which authenticates users to one of the Active Directories and based on group membership presents different user types with different WebTops containing different applications or Remote Desktops.
I now need to build another setup for the second network which authenticates to the second Active Directory and again based on group membership presents different user types different resources.
With Public IP addresses limited I would like to use a single Virtual Server/IP on the APM platform.
Ideally I'd like to configure the APM rules along the lines of "authenticate to AD1 if that fails attempt authentication to AD2"
Any thoughts/ideas?
- mike_aws_119486Nimbostratus
Thanks for that, the same VIP is used for Network Access using the BIG-IP Edge client so will need to have a little play with that.
Currently it authenticates, then checks client type (browser/edge client) and then does various things based on various permissions.
Looks like it should be possible to re-arrange to also cover a 2nd domain - thanks!
- kunjanNimbostratus
This doc should guide you. Making use of the drop down menu might be the better option.
https://devcentral.f5.com/articles/apm-cookbook-multiple-domain-authentication-part-1
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com