Configuring APM Client Side NTLM Authentication
Introduction
There have been a ton of requests on the boards for a simplified client side NTLM configuration, so based on Michael Koyfman’s excellent Leveraging BIG-IP APM for seamless client NTLM...
Published May 12, 2015
Version 1.0
Kevin_Stewart
Employee
EmployeeKevin_StewartEmployee
Employee
Javier_124486
Nimbostratus
NimbostratusHi gents,
Thanks for the info, it was really useful. My doubt was if there is any way to enforce the "Negociate" authentication that happens on OWA for example. If the user cannot work/authenticate with NTLM use either Basic or OWA Form. I understood the "limitation" (if it can be call that) of NTLM not been able to auth non corporate users, but i was expecting the fallback path, which contains Logon agent, to be followed. Although since the irule always enforce NTLM the logon will not work, so i will follow Michael's approach of steering them. In my case i will ask the internal users to use a slightly different fqdn and use LTM policy to control the access to different internal VS with different Access policies. The idea of installing EDGE components only to review the registry requires too much effort to my customer.
As always, i appreciate your amazing support and happy new year - soon :)-