401 Kerberos fallback not passing username and passwords

Question

Hi I'm trying to set up a 401 auth.&nbsp;
On Negotiate, via Kerberos. If you hit the server on a PC on our company domain you will be logged in. (this works). On fail/fallback, login via LDAP using the user/password from the pop up box. (this doesn't work!!)&nbsp;
On Basic, login via ldap (this works)&nbsp;
The report logs show that the ldap after kerberos does not have any username or password set. Am i doing this wrong? Any advice on how to fix this?&nbsp;
Below is my workflow. LDAP Auth (staff 2) does not work.&nbsp;
&nbsp;
I would be grateful for any advice you can provide&nbsp;

lucas_thompson_ · Answer

With kerberos logon, there is no access to a password so you can't use any further authentication mechanisms or SSO (aside from kerberos delegation).&nbsp;
You'd have to have another 401 response, or maybe a forms-based logon page after the fallback branch from kerberos logon. Then it should be fine.&nbsp;

mdsilva_266229 · Answer

Hi Lucas,&nbsp;
Can you please elaborate a little?&nbsp;
Basically what i want is, If your PC is on the company domain auto login, otherwise use ldap. Whats the best way to do this?&nbsp;
Cheers
Michael&nbsp;

Forum Discussion

401 Kerberos fallback not passing username and passwords

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Transparent Kerberos Authentication and APM fallback authentication

Automate scp transfers using password

Password Safety & Security: Passwords vs. Passphrases

APM Kerberos Auth or fallback to another authentication method

Ansible module to update BIG-IP root/admin passwords