Citrix iApp APM and Acticve Directory Account

Question

Hello,
I have an LTM with APM and Citrix is setup using the latest iApp. During setup (or reconfigure) in the iApp template under the APM portion it asks for an AD account with administrative permissions and that if the account becomes locked users will be unable to logon.
It doesn tmention in any documentation though if this account needs to be part of domain admins group or not and what the account actually does.
Any advice? Thanks.&nbsp;

greg_crosby_319 · Answer

It is used to bind and query for users ad account information and does need to be a user account that is part of the Citrix AD Domain (or a user that has rights to the Citrix AD domain).&nbsp;

joshbecigneul · Answer

In most cases leaving the user a part of Domain Users is just fine. If you want to have the F5 notify users of password expiration, I believe you need to give the f5 service account the right to reset users' passwords.

tolinrome_13817 · Answer

Thanks, any documentation on this, would be nice to actually see something F5 printed on it.
Thanks again.&nbsp;

greg_crosby_319 · Answer

APM docs for 11.5 - check out the authentication and single sign on document.&nbsp;

Forum Discussion

Citrix iApp APM and Acticve Directory Account

4 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

Create a DevCentral account

Change admin account

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

ForgeRock with F5 Distributed Cloud (XC) Account Protection and Authentication Intelligence

Azure Active Directory and BIG-IP APM Integration