Forum Discussion

Eric_S_27558's avatar
Eric_S_27558
Icon for Nimbostratus rankNimbostratus
Sep 09, 2010

assign variable to NTLM Domain field in SSO config

Not a lot of activity on this forum, but worth a shot. Hopefully, this question is easy enough for someone out there.

 

 

Is it possible to assign a variable in the access policy rule (e.g. session.sso.token.last.domain), then use that variable to assign value to the NTLM Domain field of an SSO configuration, similar to the session.sso.token.last.username variable used for name? This is in APM 10.2. Assigning the variable seems easy enough, but the assigned value is not being used for the NTLM Domain, which works fine when set directly by entering the actual string domain value in this field. I'm just trying to determine if this is a valid option, and if so, how to do it correctly.

 

 

Thanks

 

Eric

4 Replies

  • It is currently not possible, but an RFE for this functionality has been submitted, and will hopefully be implemented in the next version.

     

  • torzillo_89761's avatar
    torzillo_89761
    Historic F5 Account
    I have been able to do this with an iRule that uses different internal virtuals, each with its own NTLM SSO profile. Please see my example on the APM Wiki at:

     

     

    http://devcentral.f5.com/wiki/default.aspx/APM/MultipleNTLMSSO.html

     

  • Thanks for the great post.

     

    I did follow your instructions and I have few questions.

     

    How will this work if I have .com and .net domains? How do you configure the SSO to use with the policy and virtual server..

     

     

  • Thanks for the great post.

     

    I did follow your instructions and I have few questions.

     

    How will this work if I have .com and .net domains? How do you configure the SSO to use with the policy and virtual server..