Forum Discussion

Nimbostratus

Nov 07, 2013

How to configure APM to use AD Global Catalog 3268 and or 3269? Does APM support Authentication using Global Catalog?

I'm using APM and there is a requirement to authenticate users through Global Cagalog instead of regular AD Kerberos or LDAP 389 636. We would like to use the AD Global Catalog which are basically 3...

BIG-IP Access Policy Manager (APM)

Nimbostratus

Got an aswer from F5. As of 11.4.1 Global Catalog is not supported yet for authentication. Supported are ldap, ldaps, regular AD and Kerberos.

dirtycache

Nimbostratus

Jan 03, 2017

Circling back to this as the post/question came up in a Google search -

You can utilize the global catalog by configuring it as an LDAP AAA server object, with the dependent pool members using port 3268/tcp.

That said, you won't have password change functionality with an LDAP AAA object like you would with AD due to them each using a different agent; the LDAP agent does not support this feature while the AD agent does, including against RODCs.

Forum Discussion

How to configure APM to use AD Global Catalog 3268 and or 3269? Does APM support Authentication using Global Catalog?

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Configuring APM Client Side NTLM Authentication

Doing mTLS Authentication per URL

Distributed caching of authentication requests with NGINX Ingress Controller

Configuring Smart Card Authentication to BIG-IP Management Interface