Forum Discussion
Nimbostratusdefine access based upon AD groups in Network access
Hi Guys,
I have configured network access and tested successfully. also fetched AD groups. but when I am creating a policy according to AD group resources, it doesn't work.
please help me to understand that how to create it .
Regards Prak
3 Replies
Harry1is anyone there to check?Hi Prak~ Not sure of your specific error or BIG-IP version but here are some support links that might get you in the right direction.
SOL16306: AD and LDAP Group Resource Assign feature - https://support.f5.com/kb/en-us/solutions/public/16000/300/sol16306.html?sr=54905551
Active Directory Query - https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/3.html?sr=54905551
Active Directory Authentication - https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-12-1-0/2.html?sr=54905551 (This one has an assigning resources section)
SOL17304: AD/LDAP group resources may be improperly assigned using AD/LDAP Group Resource Assign - https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17304.html?sr=54905551
Hopefully those help and there's more info at support.f5.com << enter problem and find solutions.
ps
Seth_CooperEmployee
Hi Prak,
Can you give a little bit more details about what error you have?
Does the user not see the resources that should be provisioned?
Do you see any errors in the APM log?
Do you have an AD Query after AD Auth in the VPE?
Can you turn APM logging to Informational and verify what is in the memberOf session variable for your user and then compare to what you have listed in the VPE?-Seth
