Forum Discussion

KEN_67036

Nimbostratus

Apr 10, 2008

multiple hosts entries for AD authentication

Wondering if I can have multiple host entries for AD authentication incase of a AD server failure.?

management

monitoring

Deb_Allen_18

Historic F5 Account

Apr 10, 2008

Client auth, or admin auth?

AFAIK, the only way to auth LTM with ACA (Advanced Client Authentication) module includes PAM (Pluggable Auth Module), and that is pretty flexible config-wise.

For admin auth using AD, it looks like you can specify a hostname OR an IP for Host, and it is retained in the config file as a name instead of resolving to an IP. Since that's the case, you can use a hostname that resolves to multiple IP addresses.

Better yet, you could use a service (like GTM) that hands out only one known good address with a short TTL, and minimize local visibility of failure.

HTH

/deb

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

multiple hosts entries for AD authentication

Introducing the F5 Application Study Tool (AST)

Displaying Application Study Tool (AST) Dashboards in Your Own Grafana Instance

Recent Discussions

What dose "Accept" do in BIG-IP ASM event logs

OSPF traps on BIG-IP v14

Problem with sending BotDefense logs to remote server

Change Content-Type from application/octet-stream to multipart/form-data

Is anyone using Certbot for F5 certificate automation? If not, what tool do you use?

Related Content

Multiple AD Authentication

Modifying multiple entries in a datagroup via api?

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

APM Cookbook: Multiple Domain Authentication - Part 1

Doing mTLS Authentication per URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS