AAA Active Directory Pool Configuration

Question

I have noticed that when I use the Pool option for AAA priority group activation is established and the last member added to the pool has the highest priority.  I don't really want priority group activation enabled.  I can edit the pool directly, however when I update the AAA configuration all of my custom pool changes are lost.  Is this by design and why?  What is a workaround?  I saw that in version 10.1 is was suggested to create an internal VS for AD load balancing and then point the AAA configuration to this VS.  I'm wondering if this should still be the approach under 11.5.1 ? And the Pool option should be abandoned altogether.&nbsp;
Any guidance would be appreciated.&nbsp;
Thank-You.&nbsp;

amolari · Answer

the fact that last added AAA server has higher priority is not optimal. A RFE has been opened to change that non-logical behaviour and have top-to-down priority order&nbsp;
Bug 439594 : track the confusing order of the pool members in the list&nbsp;
AAA pools are HA only. If you want load-balancing, you must create a VS and its pool on your BIG-IP and use that VS in your AAA server configuration.&nbsp;
At this point, all 11.x releases behave like that&nbsp;

Forum Discussion

AAA Active Directory Pool Configuration

1 Reply

Recent Discussions

iRule resulting in too many redirects

When F5OS r2800 appliance reboots, interfaces configured at tenant level for VLAN are lost

cat and grep command for rst messages

iControl for Gtm wideip

Telemetry streaming to Elasticsearch

Related Content

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

F5 Active Standby Node Configuration

Remote User Authentication (e.g. F5 admins) using Azure Active Directory

Remote Authorization via Active Directory

Re: Azure Active Directory and BIG-IP APM Integration with PeopleSoft using Easy Button (Introduced