Forum Discussion
How do you configure the service account piece.
-
Create a new NTLM SSO profile. Take note of the username and password source variables in this profile.
-
Create a new access policy and assign the above SSO profile to it.
-
Open the visual policy editor for this new access policy and create a Variable Assignment agent. In this case, you'll probably want to set and create the session.logon.last.username and session.logon.last.password variables. Example:
session.logon.last.username = expr { "bob.user" } session.logon.last.password = expr { "jimbob" } <- set the secure option
-
After the Variable Assignment agent, add an SSO Credential Mapping agent. Leave the default values.
-
End with a simple Allow block.
-
Apply this access policy the the LTM VIP.
When a user accesses this VIP, the access policy will trigger the SSO and use the static values in the variable assignment (the service account) to perform NTLM challenge/response authentication with the web server.