Forum Discussion

Nimbostratus

Jan 24, 2020

F5 APM - Active Directory AAA profile and port 636 w/ SSL

As you probably already know, Microsoft is enforcing all LDAP binds to require a secure channel binding or LDAPS in March 2020. This means port 389 for LDAP queries will fail after the March Windows ...

active directory

BIG-IP Access Policy Manager (APM)

Altostratus

Feb 05, 2020

read this other thread: https://devcentral.f5.com/s/feed/0D51T000074cnXxSAI

the f5 article was incorrect and now taken down: https://support.f5.com/csp/article/K30054212 (feb 5 access shows page not available)

AD query in APM policy will generate unsigned insecure LDAP.

needs to be changed to LDAP query via port 636.

so if you use AD auth also, likely need to change that to LDAP auth via 636 as an ldap query wont work without ldap auth first.

nmb-AskF5
Employee
Feb 19, 2020
We've restored the article in question, and will update it further when we have more complete information. I apologize for the inconvenience, and the poor experience while the link was broken.
- boneyard
  MVP
  Mar 22, 2020
  there is not much in the article now, do you know when we can expect an update?
- Kin
  Employee
  Mar 24, 2020
  There are still a few things pending clarification with Microsoft. I'll return with an update once the article is ready.