I have 4 applications being used by F5 APM using Kerberos, since a week users are being asked to enter login creds to get in. most of them are sucessfull and some are failing.
Nothing changed in the system, I had an F5 engineer evaluated the device and he did not found anything. Suscpect is F5 APM as all the 4 apps using sso are not transparent and asking creds everytime when logging in.
If it is a P1 incident for your organisation you should contact F5 support. A forum like this is more meant for best effort help by other users and perhaps some F5 employees if they have time, but not meant to replace actual support.
Perhaps some more details can help other users recall experiencing something similar. Share some of the APM configuration to show it is setup. Have you checked the apm logs, anything different there now?
Okay, it was a P1 but wanted I to know what would be the issue when the Main engineers are working on this like a side track analysis. So, the issue is with the reverse lookup, We see the FQDN which is on GTM using gslbx is not working for reverse lookup and it failing to login for Kerberos. fixed after changing the dns to point directly to app server.
