Forum Discussion

Nompang's avatar
Nompang
Icon for Altocumulus rankAltocumulus
Feb 04, 2023

F5 APM SSO RDP with window VM (not working)

HI Experts , 

i have issue that related to SSO on F5 APM that can't do sso with window machine (VM) that doens't join domain.

so i have enable the sso on RDP profile (session.logon.last.username , same for password and domain)

what i have tried:

1. remote session.logon.last.domain on RDP profile (not work)

2.on my VPE , variable assign session.logon.last.domain to . (not work) , i use . becausae when i login to my vm manually using .\msopheak and password was working fine ,but can't do this with F5.

so do you have any idea how to solve it ? with window vm that doens't have domain

Thanks alot

  • Hi, 

    I've had the same issue in the past, and it's indeed tricky to get this to work if you have Windows systems that doesn't join a domain. you have to give the SSO a domain name, even though it's not used (as you have indeed tried with the variable assign in the VPE. 

    See below what my configuration looks like. It may be that you have a syntax issue in the variable assign? I would also try by putting in the word "domain" for the domain name, rather than just a ".". It may be that Windows doesn't like the special characters. 

    Lastly, by using the "custom" variable name, I avoid any issues with any other internal variables that may exist. Your assignment should work, but you never know... 

    RDP SSO configuration: 

    VPE Variable assign configuration: 

    Hope this helps. 

    • Nompang's avatar
      Nompang
      Icon for Altocumulus rankAltocumulus

      HI AlexBCT ,

      seem not working base on your configuration .

      For VM that has domain registered , it work as expect.

      Thanks

      • AlexBCT's avatar
        AlexBCT
        Icon for Cumulonimbus rankCumulonimbus

        Can you see if the variable is successfully created when you have a look in the session variables? 

        To do this: Once a session is established, go to the session overview, and click on the variables for that session and find the variable you have created for the domain and confirm that it contains the value that you have programmed into it. 

        If yes, can you then doublecheck the spelling of the variable from the overview with the spelling of the variable in the RDP SSO configuration? (it's a silly thing to ask, but it wouldn't be the first time I made a mistake in there... 😉