Forum Discussion
NimbostratusAPM logon page with domain
Rookie question I'm sure, but I'm failing to understand how to capture the domain of a user logging in on a basic logon page.
I have been successful at getting AD to authenticate with just the basic username with password because it is setup to default to a domain, but the Exchange server needs the domain to be provided. I've been told that I should have the F5 APM logon screen accept a format of 'domain\firstname.lastname' or 'firstname.lastname@domain'. I know how to make another input field to specify a domain, but that feels clunky. I was under the belief that most logon pages just ask for the user to provide all of the logon information in one field, and I'm trying to replicate that.
This doesn't seem difficult, but I'm not successful thus far. Any insight would be appreciated.
Note: I was successful with a test of simply adding a Variable Assign for a static domain and passing that through, but I've told that there are multiple domains so this wouldn't work. :(
Thanks, -Warren
2 Replies
- Matt_Dierick
Employee
Hi Warren,
This is called "Cross Domain" and "Split Domain". Enable them in your Logon Page configuration.
If you enable cross domain support, and enable split domain username at the login page, and then the user enters their username,such as user@domain.com, Access Policy Manager uses the user@domain.com as the user principal name to authenticate the user against DOMAIN.COM domain.
Hope this help : http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-aaa-auth-config-11-1-0/2.html
Warren_129981Perfect! Thank you for the push in the right direction. Thanks!
