For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Requinbleu's avatar
Requinbleu
Icon for Nimbostratus rankNimbostratus
Jan 28, 2019

AQ Query and LDAP Query

I try to use both of then. When I use AD Query the only way to work is with use pool. It is impossible to work with direct server ip or FQDN. I receive a error. Like can't find Kerberos server. The AD authentication work fine with domain FQDN. I want use the FQDN of the domain. If I configure LDAP query the AAA just resolve one time the FQDN and put the IP in config. I just want use FQDN of the domain to have dynamic Domain controller list. I can't kwon when the AD team update, add or remove Domain controller so the best way is use Domain FQDN.

 

application delivery
BIG-IP Access Policy Manager (APM)

1 Reply

  • Sam_Novak's avatar
    Sam_Novak
    Icon for Altostratus rankAltostratus
    Jan 28, 2019

    If I understand your setup correctly, you could still utilize a pool for AD but only include a single AD server in it. I encountered issues when trying to load balance AD because of kerberos, so it really only seems to support a single backend IP anyway.