APM Cookbook: On-Demand VPN for iOS Devices
Published Jul 25, 2014
Version 1.0Was this article helpful?
Hi Johan,
I'm not sure how you've set this up, but userPrincipalName is "username@domain" format, see: https://docs.microsoft.com/en-us/windows/desktop/secauthn/user-name-formats
If the AD Query is working with sAMAccountName, great! Just use the memberOf session variable to see the groups: https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/3.html
You definitely don't want to use a Logon Page as this will break everything and AD Auth is not required as the above solution is using On-Demand Cert Auth.
Cheers,
Brett