Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

NTLM authentication in APM

a_basharat_2591
Nimbostratus
Nimbostratus

Hi,

 

I have the following APM Policy defined on a Virtual Server:

 

0691T000006Apq3QAC.jpg

 

To introduce NTLM on it [following the article: https://devcentral.f5.com/articles/configuring-apm-client-side-ntlm-authentication] to allow seamlessly authentication for domain-joined machines:

 

  • Do I need to replace on the 'Negotiate' branch the AD box for an NTLM box [NTLM Auth Result]?
  • A not domain-joined machine will follow basic or negotiate branch?
  • on the HTTP 401 box, What do I need to select on 'HTTP Auth Level' [none, basic, negotiate, basic+negotiate]?

Many thanks

 

1 REPLY 1

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

NTLM is not configurable in APM yet.

 

To support NTLM auth, you have to

 

  • enable eca profile in the virtual server configuration (tmsh only, not available in webui)
  • create a NTLM profile in APM
  • enable this profile with an irule
  • create a NTLM auth result box in APM to get NTLM auth status done before APM evaluation.