Forum Discussion
The documentation for Kerberos Authentication with End-User Logons https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/9.html states that "You can achieve multi-domain support for Kerberos authentication through multiple virtual servers. Each virtual server must have its own access policy and its own Kerberos configuration."
Does that mean it would not be possible to merge a keytab file? We have clients from multiple domains accessing F5 as an IdP with Kerberos authentication, so we cannot use multiple virtual servers.
Just following up. Would it be possible to merge keytab files from multiple domains for End-User Logons? Or is the only option be multiple Virtual Servers with its own access policy?