Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

F5OS AD Integration

Leav97
Altocumulus
Altocumulus

‎31-Mar-2023 07:59

I'm not usually the person that sets up the AD integration on our hosts.  The person that normally configures it took one look at the new F5OS (1.4) and, well, I won't repeat their comment here.  I figured how hard can it be.  I think I'm reasonably smart and can follow instructions.  I used to think I was resonably smart.  Now I'm not so sure.  I've configured authentication settings and server groups.  Users is still only an option for local.   

Labels:
0 Kudos
5 REPLIES 5

Leslie_Hubertus
Community Manager
Community Manager

‎03-Apr-2023 16:06

Hi @Leav97 - can you please give more detail around your experience or problems you came across? I'm not seeing a question to answer, or specific feedback I can bring to the product team. 

0 Kudos

Leav97
Altocumulus
Altocumulus
In response to Leslie_Hubertus

‎04-Apr-2023 08:59

Sure, 

How do I add an AD group for admin access?

 

0 Kudos

Leav97
Altocumulus
Altocumulus
In response to James_McCarron

‎04-Apr-2023 11:46

I've walked through the documentation several times.  I have yet to find any information on how to add an AD group to admin access.

0 Kudos

James_McCarron
F5 Employee
F5 Employee
In response to Leav97

‎04-Apr-2023 12:46

@Leav97 I am far from an Active Directory expert, but my understanding is that you have to have an AD group created with a GroupID of 9000 for F5OS admin users. Something like this inside AD:

 

# Define some security groups
new-adgroup -name "f5os_admins"    -GroupCategory Security -GroupScope Global -OtherAttributes @{'gidNumber'=9000}
new-adgroup -name "f5os_operators" -GroupCategory Security -GroupScope Global -OtherAttributes @{'gidNumber'=9001}
new-adgroup -name "f5os_users"     -GroupCategory Security -GroupScope Global -OtherAttributes @{'gidNumber'=9002}
new-adgroup -name "f5os_limited"   -GroupCategory Security -GroupScope Global -OtherAttributes @{'gidNumber'=9999}
 
Is your question more on how to configure the AD side of things, or how to configure the F5OS side? Is there a specifc area where the docs are not clear or need more context on the F5OS side?
0 Kudos
Copyright © 2023 Khoros, LLC