Authenticate users

Question

Hi iRules Masters,&nbsp;&nbsp;we got a Sharepoint VIP on our LTM where the users access it outside of our network. there is also a link inside sharepoint html page that is pointed to our ISA server for Authentication. I'm wondering is there any iRules out there that I can reference to replace ISA to query our Active Directory directly? essentially we want to offload authentication to F5 and get rid of ISA.&nbsp;&nbsp;&nbsp;thanks in advance&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

michael_yates · Answer

Hi Spinx, 
&nbsp;  
&nbsp; I honestly do not think you need to off-load any authentication onto the Load Balancers.  ISA authenticates to AD and then passes those credentials to the application server, which passes them to the application. 
&nbsp;  
&nbsp; The application should maintain the ability to authenticate to AD itself, so bypassing ISA and going directly to your application should not affect your authentication model. 
&nbsp;  
&nbsp; ISA only acts like a firewall, so if you are going to bypass it then that is a different set of security concerns (which could be met and even exceeded by the use of the ASM if you have it). 
&nbsp;  
&nbsp; Hope this helps.

Forum Discussion

Authenticate users

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

RADIUS server authenticating user with Google Authenticator

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

RADIUS server using APM to authenticate users

External authentication for F5 users

DEVCENTRAL END-USER LICENSE AGREEMENT

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS