Forum Discussion
jrenier_47051
Nimbostratus
NimbostratusKerberos Auth + SSO with Sharepoint 2010
Hi,
We have a special request:
Build an authentication page blocking all access to sharepoint before Kerberos authentication is done in a nice company branded page.
Arrange F5 Kerberos authentication integration with Sharepoint to support Single Sign on.
After authentication keep session active (timer ? managed by the F5 ? by the Sharepoint ? Until logged out of sharepoint ?)
I don't really know where to begin.
It seems I have to play with Kerberos delegation
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_kerberos_delegation.html1033946
I've already asked to client to see if he has the ADD CLIENT AUTHENTICATION license.
Any info would be nice. Is this scenario even possible ? (client has 10.2.1)
Thanks
Michael_Koyfma1Cirrus
This will be possible in v11(due out this quarter) while leveraging APM(Access Policy Manager) product on top of the LTM. The beta of v11 is available now at http://beta.f5.com - feel free to sign up, download beta, and start playing with it. Kerberos use case documentation is available on the beta site as well. This is definitely a great use case for leveraging F5 technology in front of Sharepoint. Please post your feedback and follow-up questions if needed.
jrenier_47051Thanks for that reply. But is the APM layer in v11 absolutely necessary to do this ?
Can't we go with ACA and v10.2.1 ?
I just need to be sure, cause i have to explain my client to postpone everything 3 months if we need v11.- Michael_Koyfma1Yes, to meet the requirements you described, you need APM and v11.