Forum Discussion
NimbostratusCitrix XenApp:APM:AAA Services
Hi all, at the moment i'm in the process of configuring our bigip's using the downloaded xenapp_xendesktop_2012_06_27 iApp template. In the APM section, when i choose the option "Configure AAA Services" and fill in the the ip address, domain and admin credentials of a AD DC i get a functional AD authentication from the Webtop to the single AD domain controller. But, when i choose "Use and existing AAA server object" and create a *pool* (which is preferable, why would i want to create a single point of failure ?) of multiple DC's i can't get it to work. I'm pretty sure the pool of DC's is functional, because when i attached a vip to it there's no problem, at least not when doing ldap traffic. Packet trace shows kerberos traffic though, in both scenaro's. "Direct" works, "use pool" does not ... (11.3.0 HF5)
Anyone seen this behaviour, and/or used a workaround ?
TY,
Remco.
1 Reply
- I have seen this behavior when I have two AD AAA objects using the same FQDN. Try deleting (or modify the domain to something else) the unused AD AAA object if you have more then one using the same domain and see if you are able to pass LDAP traffic.
