Forum Discussion
F5 BIG-IP APM Integrated to Azure AD for User
I used to do this with an LB_DETACH in an iRule against my LDAP servers. Not sure it would work here. You have APM logs from these sessions? Try a logout on a test VIP, identical to this one (standby units are great for this sort of thing, btw, so as to not interrupt prod traffic), jack up the logging on it and see what it tells you about your individual logout.
- jessperbaylonAug 14, 2023Nimbostratus
HI Aubrey,
I have managed to make it to work using a force authentication (Enabled). The challenge here is that users keeps on entering the username and password + MS Authenticator PIN every time user login to VPN.
Is there a way, that I can set the Force Authentication as Use AAA Server Settings (which is a single sign on) but will still prompt for MS Authenticator?
- Nikoolayy1Aug 14, 2023MVP
Maybe try playing with microsoft conditional access and MFA as Azure AD is selecting when to again ask users for MFA. Maybe if this "Allow users to remember multi-factor authentication on devices" is dissabled:
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com