Remco_Rohde
May 13, 2013

Citrix XenApp:APM:AAA Services

Hi all, at the moment I'm in the process of configuring our BIG-IPs using the downloaded xenapp_xendesktop_2012_06_27 iApp template. In the APM section, when I choose the option "Configure AAA Services" and fill in the IP address, domain and admin credentials of an AD DC, I get a functional AD authentication from the Webtop to the single AD domain controller. But when I choose "Use an existing AAA server object" and create a *pool* (which is preferable, why would I want to create a single point of failure?) of multiple DCs, I can't get it to work. I'm pretty sure the pool of DCs is functional, because when I attached a VIP to it there's no problem, at least not when doing LDAP traffic. Packet trace shows Kerberos traffic though, in both scenarios. "Direct" works, "use pool" does not ... (11.3.0 HF5)

Anyone seen this behaviour, and/or used a workaround?

TY,

Remco.

1 Reply

  • Greg_Crosby_319
    Historic F5 Account
    I have seen this behavior when I have two AD AAA objects using the same FQDN. Try deleting (or modifying the domain to something else) the unused AD AAA object if you have more than one using the same domain, and see if you are able to pass LDAP traffic.