For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Harshal_Patil_3's avatar
Harshal_Patil_3
Icon for Nimbostratus rankNimbostratus
May 08, 2019

F5 took long time to authenticate user using Active directory.

Just integrated AD in F5 Load Balancers for users authentication when accessing F5 LB. All user can able to authenticate successfully on LB but all LB took a long time to authenticate the user.   ...
BIG-IP
LTM
security
KeesvandenBos's avatar
KeesvandenBos
Icon for MVP rankMVP
May 09, 2019

Successfull but slow logon most of the times is a reachability issue. That's why I asked the question about the nslookup of the domain and the reachability of those servers.

What does the audit log tell you? (time between request and response of the ldap server).

It should tell:

May  9 13:59:30 bigip02 info httpd[31915]: 01070417:6: AUDIT - user root - RAW: pam_ldap initiating connection to TLS/SSL ldap server server.example.com on port 636.
May  9 13:59:30 bigip02 info httpd[31915]: 01070417:6: AUDIT - user root - RAW: pam_ldap validating credentials for user 'user1' against TLS/SSL ldap server server.example.com on port 636.
May  9 13:59:30 bigip02 info httpd[31915]: 01070417:6: AUDIT - user root - RAW: pam_ldap terminating connection to TLS/SSL ldap server server.example.com on port 636.
May  9 13:59:30 bigip02 notice httpd[31915]: 01070417:5: AUDIT - user user1 - RAW: httpd(mod_auth_pam): user=user1(user1) partition=[All] level=Administrator tty=/usr/bin/tmsh host=10.10.10.10 attempts=1 start="Thu May  9 13:59:30 2019".

Kees