Configuring APM Client Side NTLM Authentication
Introduction
There have been a ton of requests on the boards for a simplified client side NTLM configuration, so based on Michael Koyfman’s excellent Leveraging BIG-IP APM for seamless client NTLM...
Published May 12, 2015
Version 1.0
Kevin_Stewart
Employee
EmployeeKevin_StewartEmployee
Employee
Javier_124486
Nimbostratus
NimbostratusHello everyone, first of all thanks to Kevin and Michael for the post and the continuous support. I've tried this setup on my lab and works perfectly fine after applying the iRule. My only question here is, Is there any way to present the F5 Logon Page form for those users whose computer is not joined to domain after they fail the NTLM auth? At this moment the user is presented with a Basic authentication if they are using a non-domain joined, although if i put my domain credential on it, it does nor shows the webtop but an error (unreachable site). If i remove the irule, the NTLM does not kick in for domain computers and all the users are presented with the Form Logon.
My Access flow is the following: Start>>NTLM auth 1 Success--->Resource assignment //// 2 Fallback ------>Logon>AD Auth> Resource assigment.
Is this possible or NTLM automatically discard the idea of working with non-domain computers? I saw before with Exchange this approach and work pretty well.
Thanks