Forum Discussion
NimbostratusAuthentication with Multiple Domains
Hello Guys,
If we have 2 domains (domain1.com) and (domain2.com) with their Active directories (AD1) and (AD2)
We need to authenticate the user first with domain1.com and if the user is not available in this domain (domain1.com), we should to check with other domain (domain2.com) for authentication.
Also in the same time , we would like to use SSO credential mapping for single sign on for both of domain authentication to avoid to submit the credentials again to the application
Can Anyone help to figure it ?
Note: We din't need to use drop down option for login page to choose the domain , we need the checking process happen by APM Agents to check that automatically without asking the user for his/her domain which he/she belongs
So we don't to follow the following suggestion as they don't achieve our requirements https://codygreen.com/2014/11/17/apm-cookbook-multiple-domain-authentication-part-2/ https://devcentral.f5.com/articles/apm-cookbook-multiple-domain-authentication-part-1
Allwyn_MascarenCirrus
Hey Man I am looking for the same thing, we also dont want to use the drop down and try to do this automatically based on the user, can you share your apm policies, which you tried.
MR_FreddyHi David,
I configured the access policy as the following screenshot but till now it is not working fine
dragonflymrCirrostratus
Hi,
Hard to help not knowing what you are doing in Var Assign and LDAP Query objects. If you will post info it allow to figure out why it's not working.
Piotr
- MR_Freddy
Hi Piotr,
First Variable Assign
LDAP Query
Second variable assign
Branch 1 expression for variable assign
Stanislas_Piro2Cumulonimbus
Is there trusted relationship between domains?
If true, you can configure both domains (In Active directory auth servers) and trusted domain objects...
then in AD Auth box, select this trusted domains.
AD Selection will be automatic.
Regards.