SharePoint Issues with F5 LTM and APM.

Jared,

 

 

Thanks. I do have an idea on how you can potentially address this issue. You can leverage APM's end-point inspection capabilities for that. So, you would modify the policy to first check for user's source IP-address(I assume that the same VS is used for both external and internal users, else you can skip this step). Then you would invoke our end-point inspection to detect whether the user's machine is a domain-joined machine(a registry check or Windows info check and get Windows machine name and/or logged-on user for that machine, and if you are able to detect that, just let them through to the resource(end the policy in Allow ending) - that way client machine should authenticate to Sharepoint via NTLM silently, as you'd expect. For all other users, you'd want then to follow essentially the branch that you have depicted in your post.