APM Cookbook: On-Demand VPN for iOS Devices

Overview I’ve been using On-Demand VPN for a number of years as it’s a secure and easy way to access applications while on the road with the added benefit of conserving device battery life when id...
Published Jul 25, 2014
Version 1.0
BIG-IP Access Policy Manager (APM)
cookbook
ios
Security
vpn
Smithy's avatar
Smithy
Icon for Cirrostratus rankCirrostratus
Oct 24, 2018

Hi Johan,

 

I'm not sure how you've set this up, but userPrincipalName is "username@domain" format, see: https://docs.microsoft.com/en-us/windows/desktop/secauthn/user-name-formats

 

If the AD Query is working with sAMAccountName, great! Just use the memberOf session variable to see the groups: https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/3.html

 

You definitely don't want to use a Logon Page as this will break everything and AD Auth is not required as the above solution is using On-Demand Cert Auth.

 

Cheers,

 

Brett