Forum Discussion
APM "drive mappings"
Hi all,
When creating a drivemapping is it possible to auto fill in the username/password that it will use by logging to the portal? After setting up an network acces I need to login to Map a Drive.
Access Policy ›› Network Access : Network Access List ››
Something like SSO?
Please let me now.
Best Regards
Patrick Pater
- matt_64003
Cirrus
Did you get this figured out? It is pretty easy in Firepass. I'm not sure why they haven't extended this feature to APM. - Seth_Cooper
Employee
This is not allowed today. I opened a case with F5 and submitted an RFE... Please open a case and get it attached to the BugId below and we might be able to get this included sooner than later. - matt_64003
Cirrus
This is supposedly fixed in 11.4, where the APM credentials are used for the drive mapping, as opposed to the Windows credentials.
- Seth_Cooper
Employee
I have 11.4 loaded and I don't see an option to configure the SSO drive mapping.
Seth
- matt_64003
Cirrus
I was told that this wasn't an option, but a change in behavior. I haven't had a chance to upgrade/test yet but I'll update the post as soon as I do.
- matt_64003
Cirrus
We're now running 11.4.1 and drive mapping authentication is still failing. This is the only thing keeping us from migrating from Firepass. I guess I'll open another case.
- please do report back on that, quite interested in the answer.
- Nicola_DT
Nimbostratus
Mates, I have the same issue, drive mapping ca't use the sso chredentials
I tried also something like this:
drive mapping
\nas.company.com
changed to
\{session.logon.last.username}:{session.logon.last.password}@nas.company.com
but no go
Any other feedback ?
Thx, Nicola.
- Wojciech_Wypior
Nimbostratus
You could try the following, setup drive mapping via launch application like so:
\10.10.4.77\share %{session.sso.token.last.password} /user:%{session.logon.last.domain}\%{session.logon.last.username}
And ensure you have SSO Credential Mapping element in the policy. This should get your share to mount without inputting the credentials.
- Hi, it works for me. I just added /persistent:no to disconnect the shared drive after reboot
- Wojciech_Wypior
Nimbostratus
I forgot to mention to use "net use" command, see: http://technet.microsoft.com/en-us/library/gg651155.aspx for syntax, for example: net use v: \\10.10.4.77\share /user:%{session.logon.last.domain}\%{session.logon.last.username} %{session.sso.token.last.password} Note: everything after "net" command is parameter and has to be specified in the parameters box, otherwise Windows will not launch it :) Also if the environment variables are not set for windows\system32 for some reason the path needs to be specified. There is one caveat, the share will stay mapped after VPN is disconnected, so like mentioned by Yann you should add /persistent:no as well. Also its worth noting that when using Edge client, the normal drive mapping works with SSO, as with Edge we would send the APM user credentials. In contrast, web browser will send the Windows client credentials and not APM user logon credentials, hence the SSO will not work. - matt_64003
Cirrus
Once connected, the user is prompted to allow the command to run for each mapped drive, at which point a command window pops up until that mapping is complete. This is rather painful for the users when you have four to five drive mappings like we do. The other issue is that the drives persist even after Network Access has disconnected. The /persistent:no option only applies when the system is rebooted. We still have thousands of users on Firepass where drive mappings and disconnections happen transparently to the user. It will be difficult to migrate them from Firepass to APM with this kind of APM experience. At the same time, F5 is not supporting Windows 8.1 with Firepass so they've kind of pushed us into a corner. I hope they fix this. I also made a request through our sales team.
- tajmohammedkhan
Nimbostratus
I have tried all the above but no luck. Finally I found the way. you should use the syntax as follow for win 7 and win10
application name : net
path : use v: \10.10.4.77\share /%{session.sso.token.last.password} user:%{session.logon.last.domain}\%{session.logon.last.username}
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com