Forum Discussion

FI_2016_187929

Nimbostratus

Apr 21, 2015

Multiple Kerberos Authentications in APM

Hi, we have multiple subdomains that we want to have access the same application and would like them to authenticate through the F5 using Kerberos. We currently have the following Access Policy conf...

BIG-IP Access Policy Manager (APM)

kerberos

security

FI_2016_187929

Nimbostratus

The documentation for Kerberos Authentication with End-User Logons https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/9.html states that "You can achieve multi-domain support for Kerberos authentication through multiple virtual servers. Each virtual server must have its own access policy and its own Kerberos configuration."

Does that mean it would not be possible to merge a keytab file? We have clients from multiple domains accessing F5 as an IdP with Kerberos authentication, so we cannot use multiple virtual servers.

FI_2016_187929

Nimbostratus

Aug 31, 2016

Just following up. Would it be possible to merge keytab files from multiple domains for End-User Logons? Or is the only option be multiple Virtual Servers with its own access policy?

Forum Discussion

Multiple Kerberos Authentications in APM

Recent Discussions

GTM Packet Capture command

How to Implement 2 Way SSL in F5 LTM

BWC iRule

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

Related Content

Multiple AD Authentication

Transparent Kerberos Authentication and APM fallback authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

Lightboard Lessons: Basic Kerberos Authentication