APM Policy - AD Auth Fallback

Question

I have a policy that presents F5 generated Forms logon page. The policy is doing Active Directory authentication. When user enters invalid credentials, the policy does not seem to follow the 'Fallback' branch from the 'AD Auth' item, but rather updates the page with basic message, but remains on the logon page.&nbsp;
Where is this logon retry configured at?&nbsp;

brad_parker_139 · Answer

The login retry count is set on the AD Auth object in the VPE.&nbsp;

brad_parker · Answer

The login retry count is set on the AD Auth object in the VPE.&nbsp;

baddogsettle_16 · Answer

That's what I thought I remembered, but I don't see it there when I open the AD Auth object under Properties. All I have is: Type, Server, Cross Domain Support, Complexity Check for Password Reset, Show Extended Error, Max Logon Attempts Allowed, Max Password Reset Attempts Allowed.&nbsp;
Am I missing something?&nbsp;

brad_parker · Answer

Max Logon Attempts not what you are looking for?  What's the behavior you are looking for?

baddogsettle_16 · Answer

Is the Max Logon Attempts what is controlling how many times it loops prior to proceeding to the Fallback branch?&nbsp;

Forum Discussion

APM Policy - AD Auth Fallback

7 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Webtop which has VNC for macos users

AST Configuration Assistance

Floating IP responds from wrong VLAN/trunk

expandsSubcollections and filtering in F5 SDK

F5 i-series Guests to r-series tenants migration

Related Content

APM Kerberos Auth or fallback to another authentication method

APM Access Policy|SSLVPN | SAML auth questionnaires

LTM Policy

iControl REST Cookbook - LTM policy (ltm policy)

iRule, Traffic Policy or Re-Write Policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS