Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Use the email address registered in Active Directory for F5 BIG IP APM OTP authentication

Keigo
Nimbostratus
Nimbostratus

‎06-Dec-2020 16:20

I'm having trouble setting up the F5 BIG-IP APM

 

I would like to use the OTP authentication function that F5 BIG-IP APM has as standard.

 

I want to send the OTP to the email address of the mobile phone registered in Active Directory.

 

Has anyone ever made such a setting?

 

please give me your wisdom.

 

Best regards

Labels:
0 Kudos
1 REPLY 1

Dario_Garrido
MVP
MVP

‎07-Dec-2020 02:20

Hello Keigo.

Which DB do you expect to find your email address?

Usually, people stores email and phone information in the AD and APM can get both using a LDAP query.

VPE policy should look like this:

- LDAP query to get email

- Generate OTP code

- Send an email with the previous code

- Use a logon page to ask for that code

- Verify the code

Regards,

Dario.

Regards,
Dario.
0 Kudos
Copyright © 2023 Khoros, LLC