Forum Discussion

Nimbostratus

Nov 04, 2008

ldap/ with kerberos through F5

Hi, We have an F5 BigIP load balanced address fronting a few Domain Controllers in our AD (e.g. adldap.domain.com). We have OpenLDAP clients using this Virtual address to do looku...

microsoft

partner

Will_F_98397

Nimbostratus

May 04, 2009

I've done a similar thing with some WCF/SOAP applications requiring Kerberos tickets/authentication, created a DNS name referencing the virtual server IP Address in active directory DNS and then assigned a SPN using this DNS entry. The SPN would be that of the DNS entry.

There's a link on the microsoft website which explain's using IIS and Load Balanced environments, very similar setup I would assume.

http://technet.microsoft.com/en-us/library/bb633031.aspx

Also checkout 'Troubleshooting Kerberos Delegation' I found this a useful document.

Running BigIP 9.3.1

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ldap/ with kerberos through F5

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Related Content

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

LDAP Proxy

Kerberos is Easy - Part 2

Kerberos Is Easy - Part 1

APM Cookbook: Single Sign On (SSO) using Kerberos

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS