For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Leveraging BIG-IP APM for seamless client NTLM Authentication

Many customers express interest to use F5 Access Policy Manager for transparent seamless authentication for their users.  There are a couple of leading use cases that drive that desired behavior: ...
Published Jul 22, 2014
Version 1.0
BIG-IP Access Policy Manager (APM)
microsoft
ntlm
security
Felix_Marwede's avatar
Felix_Marwede
Icon for Nimbostratus rankNimbostratus
Nov 02, 2015
Hi, I have a problem using this with our Sharepoint. In the step "External Logon Page - iRule" (The External Logon Page Object), I need to dynamically set the URI (FQDN of APM Virtual Server) as the Sharepoint uses different URLs. Two questions: - How can I set an URI like http:\\$hostname\nltm\auth instead of a complete http:\\fixed.url\nltm\auth - Is there a chance for the NTLM authentication with different URLs? Is there a specific APM cookie that is set and its value could be replaced by the IP address or another value to be recognised by F5. I am asking because when using a different URL to the same APM virtual server, the NTLM authentication begins again (also an alternative Logon Page, if the NTLM authentication was not succesful) Thanks for your feedback!