Forum Discussion
APM not generating Logon Event in DC
Hi,
We would like to implement an SSO solution that mainly relies on some Event logs (Logon - ID4624).
We found that when connecting via the Big-IP in VPN, we don't have any such log in the Domain Controller. We are using an AD_Auth & AD-Query in the authentication scheme, so I'm wondering why such logs are not visible in the DC?
Does someone have any experience with this?
For the moment we need to wait until the user generates a Windows action that triggers the Event ID to get authenticated into the SSO system.
Thank you
Best regards
Nicolas
- Dario_Garrido
Noctilucent
Hello Ndaems.
F5 caches info from AD. There is an option called "Group Cache Lifetime" which rules that.
https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-12-1-0/2.html
Applying a new config at one APM policy should also clear the cache.
Regards,
Dario.