Forum Discussion

cd's avatar
cd
Icon for Cirrus rankCirrus
May 22, 2019

APM Kerberos SSO

Hello,

I use the User Lockout Policy with APM for Exchange 2016 (https://devcentral.f5.com/s/articles/create-a-user-lockout-policy-with-access-policy-manager)

 

It works fine with OWA with FormBased/NTLM SSO/ but when I use Kerberos SSO I have a lot of error "Could not find SSO domain, check variable assign agent setting" in debug, but it's still works is not not assigned

Without the Lockout Maccro I don't have any error like this

I read somewhere it's maybe a problem about Domain SSO variable 

 

Thanks

 

 

 

 

 

 

 

  • Best article for setting up Kerberos SSO:

    https://devcentral.f5.com/s/articles/apm-cookbook-single-sign-on-sso-using-kerberos

     

    I still use this as reference even after setting up several APM solutions with Kerberos SSO

  • Hi,

     

    When you use Kerberos sso you have to set an objet (SSO Kerberos).

    In this object you have an default variable for the domain: session.logon.last.domain

     

    So in your VPE you have to add an variable assign with: 

     

    custom variable: session.logon.last.domain

    custom expression: return "MYDOMAIN"

     

    Regards