Forum Discussion
kerberos and sharepoint
So it looks like you're performing an LDAP query in the visual policy to get the sAMAccountName, and then using the SAM as the username source for the Kerberos SSO. So assuming the policy itself is always working, the next questions would be:
-
Does it behave this way for internal AND external users, or just one or the other?
-
When you say "prompt you to re-auth", are you talking about a dialog box for user/pass input?
-
If you set APM SSO logging to debug, do you see any Kerberos-related errors in /var/log/apm when the issue occurs? Do you ever see "S4U ==> OK!" in that log?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com