jonathan_239725
May 16, 2016

APM Active Directory Trusted Domains

Haven't found a specific answer to my question, so figured I'd reach out to the dev community. Dealing with a single-forest, multi-domain environment. Smartcard access, all with the same UPN suffixes, let's say @domain.com. I need the ability to query for a UPN throughout the entire forest. Now...

 

I have already tried the route of querying the GC. And that is fine, except it does not return the user's actual domain, which I need in my SSO KCD object. So I have been experimenting with Active Directory Trusted Domains, where you can specify more than one AAA server. So in my case, I put DC1 and EXT_DC1 in this profile. DC1 is in the root Domain A and EXT_DC1 is in the Child Domain B. I have the AAA server DC1 specified as the root in the Active Directory Trusted Domains profile.

 

My AD query in my Access policy will only query this domain controller before failing. So it works for any user who is in Domain A, but any user in Domain B it fails for.

 

Any advice would be greatly appreciated.

 

Thanks