Health Monitor for Active directory VIP

Question

Hi Team,&nbsp;
Need one information regarding health monitor.&nbsp;
We are having Active Directory VIP . Currently the monitor using is TCP . Can I get a sample monitor which can check whether authentication is happening with DC's .&nbsp;
Because recently we had issue for one production application where users not able to authenticate using back end DCs,but VIP was showing UP because of TCP monitor.&nbsp;
Thanks for your help in advance.&nbsp;

kevin_stewart · Answer

You might want to just use a simple LDAP monitor against a pool of DCs listening on port 389 or 636. Example:
User Name: cn=administrator,cn=users,dc=mydomain,dc=com
Base: cn=users,dc=mydomain,dc=com
Filter: sAMAccountName=bill.user

This actually checks the ability to authenticate (simple bind with admin account), and performing queries (the search filter). This is probably as close as you're going to get without dropping into the management plane to test Kerberos auth.

kiran_145850 · Answer

thank you for the reply.&nbsp;
Here in my case the backend DCs are listening on port 3268.&nbsp;
In this case do we need to use any alternative.&nbsp;

kevin_stewart · Answer

Is 3268 used for LDAP?

Forum Discussion

Health Monitor for Active directory VIP

3 Replies

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Disabling signature for a URL

XC - geo LB to the origin servers

F5 LACP

Terraform LTM provider - ICMP disabled on resulting VIPs

SSLO Policy Condition - Server Certificate (Issuer DN)

Related Content

Simplifying Application Health Monitoring with F5 BIG-IP

F5 Distributed Cloud - Regional Edge Health Monitoring Insights

iRule based RADIUS Health Monitor Builder

Health monitor question

GTM health Monitoring and Probe

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS