Forum Discussion

Dennis_Andrade_
Nimbostratus
Jul 10, 2014

Sharepoint forms based authentication SSO with APM

Configuring SSO between Sharepoint 2013 and APM 11.4. Created a forms client-initiated document but after logging in with AD I'm still seeing the Sharepoint login screen. I followed this document to configure the SSO:

 

http://support.f5.com/content/kb/en-us/products/big-ip_apm/manuals/product/apm-sso-config-11-2-0/_jcr_content/pdfAttach/download/file.res/BIG-IP_Access_Policy_Manager_Single_Sign-On_Configuration_Guide_Version_11.2.pdf

 

It looks like the SSO is not detecting the logon page. In the APM log I see 3 lines of SSO logging but nothing stands out. I'm suspecting I don't have the right URI in the "form detection" field but I'm not sure how to check that.

 

Any ideas?

 

8 Replies

  • mikeshimkus_111
    Historic F5 Account

    Hi Dennis, did you use the v1.0.0 iApp to set up APM for SharePoint? This should create everything you need, assuming you have the SharePoint web app set up for NTLM auth. The SharePoint deployment guide also has manual configuration info for those objects: https://www.f5.com/pdf/deployment-guides/iapp-sharepoint-2010-2013-dg.pdf

     

    Mike

     

  • Yes. That's what we did but it's not working with the standard iApp SSO configuration. We've tried changing it but no luck. Even the APM logs don't show much on SSO even with SSO debug enabled.

     

  • mikeshimkus_111
    Historic F5 Account

    Can you enable debugging for Access as well, then post the sanitized APM logs so I can have a look?

     

  • Debug is enabled but those are the only lines I see in the log after login:

     

    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_layouts/15/Authenticate.aspx?Source=%2F", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_login/h/hdefault.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fS", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request match, config /Common/ssov2_shp2010 form form_auth
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_layouts/15/1033/styles/corev15.css?rev=BdxJNFd%2FTPOed3Z8IKEJ9A%3D%3D", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_layouts/15/1033/styles/error.css?rev=nc1850SZNy60qTAeQIRxsA%3D%3D", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /ScriptResource.axd?d=cnQg0ta0IJqwtwSzo3wA2bpwlDxIzXchHy9JGr4ykEt3rBduUX59yu5goQ", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm1[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_layouts/15/init.js?rev=7Tix801bl5ZziOKr5K1nrw%3D%3D", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm1[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_layouts/15/blank.js?rev=ZaOXZEobVwykPO9g8hq%2F8A%3D%3D", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /WebResource.axd?d=CiDdz9N4wNpxL7qdcet4nQjVrlk3Fux3gSPl2s2wfPyDwU49K6Gz-A7KfXSkc", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm2[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /ScriptResource.axd?d=SaLU3jNGKRZM9IMLVGY00QIyxSdOLQklKcDKtKeQ6_7fKtbP0zWA3HSrvr", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm3[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /WebResource.axd?d=f1Yj_vB0n0AOM-pUSsrFCBkb_PEx92YvEig59xzzgBVe5izLhqa52TFUZGq68", config /Common/ssov2_shp2010
    Jul 10 16:49:10 APNLB03 info tmm2[16153]: 014d0002:6: 963a3d07: SSOv2 Request "GET /_login/h/imgs/test%20Ae2.jpg", config /Common/ssov2_shp2010

     

  • mikeshimkus_111
    Historic F5 Account

    It looks like you're using the forms v2 SSO for server auth...do you have your SharePoint web app set to forms, or NTLM?

     

    • mikeshimkus_111
      Historic F5 Account
      We don't work with forms on the server side, since it uses ViewState. The solution requires that the web app be configured for NTLM (or Kerberos, if you're doing smart card auth on the front end).
  • I worked with F5 support and we finally figured out the answer for this problem. The problem was with the forms parameter. It had the wrong name in there. Make sure you follow (Copy and paste) the form parameter from the document below:

     

    http://support.f5.com/content/kb/en-us/products/big-ip_apm/manuals/product/apm-sso-config-11-2-0/_jcr_content/pdfAttach/download/file.res/BIG-IP_Access_Policy_Manager_Single_Sign-On_Configuration_Guide_Version_11.2.pdf

     

    After that everything worked and now the user goes straight to Sharepoint.

     

    Thanks everybody for the help.
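
Added example, not part of any post in this thread and not F5 code: a small Python parser for the SSOv2 debug lines in the layout posted above, reporting per session which request URI triggered a "Request match" and for which form, so form detection can be confirmed or ruled out. The sample lines, host name, session ids and config name are constructed, and pairing a match line with the preceding request on the same tmm is an assumption based on the ordering in the posted log.

```python
import re

# Layout taken from the SSOv2 lines posted in this thread:
#   <time> <host> info tmmN[pid]: 014d0002:6: <session>: SSOv2 Request ...
LINE_RE = re.compile(r'(?P<tmm>tmm\d*)\[\d+\]: 014d0002:\d+: '
                     r'(?P<sid>[0-9a-f]{8}): SSOv2 Request (?P<rest>.*)$')
REQ_RE = re.compile(r'^"[A-Z]+ (?P<uri>[^"]*)", config \S+')
MATCH_RE = re.compile(r'^match, config \S+ form (?P<form>\S+)')

# Constructed sample (host, session ids, config name and URIs are made up).
SAMPLE = """\
Jul 10 16:49:10 bigip1 info tmm[16153]: 014d0002:6: 0a1b2c3d: SSOv2 Request "GET /", config /Common/ssov2_example
Jul 10 16:49:10 bigip1 info tmm1[16153]: 014d0002:6: 0a1b2c3d: SSOv2 Request "GET /_layouts/15/init.js", config /Common/ssov2_example
Jul 10 16:49:10 bigip1 info tmm[16153]: 014d0002:6: 0a1b2c3d: SSOv2 Request "GET /_login/default.aspx?ReturnUrl=%2f", config /Common/ssov2_example
Jul 10 16:49:10 bigip1 info tmm[16153]: 014d0002:6: 0a1b2c3d: SSOv2 Request match, config /Common/ssov2_example form form_auth
Jul 10 16:50:02 bigip1 info tmm[16153]: 014d0002:6: 9f8e7d6c: SSOv2 Request "GET /", config /Common/ssov2_example
"""


def form_detection_report(log_text):
    """Per session: request count and (uri, form) pairs that matched."""
    report, last_uri = {}, {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an SSOv2 request line
        sid, tmm, rest = m.group("sid", "tmm", "rest")
        entry = report.setdefault(sid, {"requests": 0, "matches": []})
        req = REQ_RE.match(rest)
        if req:
            entry["requests"] += 1
            # Assumption: a "Request match" line refers to the request logged
            # just before it by the same tmm for the same session.
            last_uri[(sid, tmm)] = req.group("uri")
            continue
        hit = MATCH_RE.match(rest)
        if hit:
            entry["matches"].append((last_uri.get((sid, tmm)), hit.group("form")))
    return report


if __name__ == "__main__":
    for sid, info in form_detection_report(SAMPLE).items():
        if info["matches"]:
            for uri, form in info["matches"]:
                print(f"{sid}: form '{form}' detected on {uri}")
        else:
            print(f"{sid}: {info['requests']} requests, no form detection match")
```

A session that shows a match while the user still lands on the login page points away from the form detection URI and toward the form parameters, which is where the fix in this thread was found.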