Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

APM not generating Logon Event in DC

ndaems
Nimbostratus
Nimbostratus

‎05-May-2021 07:47

Hi,

 

We would like to implement an SSO solution that mainly relies on some Event logs (Logon - ID4624)

 

We found that when connecting via the Big-IP in VPN we don't have any such log in the Domain Controller. We are using an AD_Auth & AD-Query in the authentication scheme so I'm wondering why such log are not visible in the DC ?

 

Does someone has any experience on this ?

 

For the moment we need to wait until the user generate a windows action that trigger the Event ID to get authenticated into the SSO system

 

Thank you

 

Best regards

 

Nicolas

Labels:
0 Kudos
1 REPLY 1

Dario_Garrido
MVP
MVP

‎22-May-2021 10:51

Hello Ndaems.

F5 caches info from AD. There is an option called "Group Cache Lifetime" which rules that.

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-12-1-0/2.html

Applying a new config at one APM policy should also clear cache.

Regards,

Dario.

Regards,
Dario.
0 Kudos
Copyright © 2023 Khoros, LLC