Forum Discussion

jrenier_47051's avatar
jrenier_47051
Icon for Nimbostratus rankNimbostratus
Jul 01, 2011

Kerberos Auth + SSO with Sharepoint 2010

Hi,

 

 

We have a special request:

 

 

Build an authentication page blocking all access to sharepoint before Kerberos authentication is done in a nice company branded page.

Arrange F5 Kerberos authentication integration with Sharepoint to support Single Sign on.

 

After authentication keep session active (timer ? managed by the F5 ? by the Sharepoint ? Until logged out of sharepoint ?)

 

 

I don't really know where to begin.

 

It seems I have to play with Kerberos delegation

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_kerberos_delegation.html1033946

 

 

I've already asked to client to see if he has the ADD CLIENT AUTHENTICATION license.

 

 

 

Any info would be nice. Is this scenario even possible ? (client has 10.2.1)

 

Thanks

 

microsoft
partner

3 Replies

Sort By
  • Michael_Koyfma1's avatar
    Michael_Koyfma1
    Icon for Cirrus rankCirrus
    Jul 01, 2011
    This will be possible in v11(due out this quarter) while leveraging APM(Access Policy Manager) product on top of the LTM. The beta of v11 is available now at http://beta.f5.com - feel free to sign up, download beta, and start playing with it. Kerberos use case documentation is available on the beta site as well. This is definitely a great use case for leveraging F5 technology in front of Sharepoint. Please post your feedback and follow-up questions if needed.

     

  • jrenier_47051's avatar
    jrenier_47051
    Icon for Nimbostratus rankNimbostratus
    Jul 04, 2011
    Thanks for that reply. But is the APM layer in v11 absolutely necessary to do this ?

     

    Can't we go with ACA and v10.2.1 ?

     

     

    I just need to be sure, cause i have to explain my client to postpone everything 3 months if we need v11.