For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

John_Reddington's avatar
John_Reddington
Icon for Nimbostratus rankNimbostratus
Jul 22, 2014

Seamless athentication to Webtop

Is it possible to authenticate to a webtop seamlessly using the AD credentials our users are already logged onto their machines with?   To qualify, we have a webtop, that when accessed, presents u...
BIG-IP Access Policy Manager (APM)
deployment
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 28, 2014

To do seamless authentication to the webtop in a Windows environment, your only two real options are Kerberos and NTLM (as these are the only two types of authentication tokens that Windows natively supports). It's important to understand though that neither of these methods exposes a user password. So once you've successfully authenticated a user on the client side of APM and exposed the webtop objects, the only usable attribute you have from that client side authentication is the user's username and domain. You cannot do server side NTLM because you'd need a password. You could technically do client side NTLM or Kerberos, but you'd be limited to Kerberos on the server side.

 

Related Content