Forum Discussion

MR_Freddy_31338
Nimbostratus
Mar 11, 2019

Authentication with Multiple Domains

Hello Guys,

 

If we have 2 domains (domain1.com) and (domain2.com) with their Active Directories (AD1) and (AD2)

 

We need to authenticate the user first with domain1.com, and if the user is not available in this domain (domain1.com), we should check with the other domain (domain2.com) for authentication.

 

Also, at the same time, we would like to use SSO credential mapping for single sign-on for both domain authentications, to avoid submitting the credentials again to the application.

 

Can anyone help to figure it out?

 

Note: We don't need to use the drop-down option on the login page to choose the domain; we need the checking process to happen by APM agents, to check that automatically without asking the user which domain he/she belongs to.

 

So we don't want to follow the following suggestions, as they don't achieve our requirements:
https://codygreen.com/2014/11/17/apm-cookbook-multiple-domain-authentication-part-2/
https://devcentral.f5.com/articles/apm-cookbook-multiple-domain-authentication-part-1

 

5 Replies

  • Hey man, I am looking for the same thing. We also don't want to use the drop-down and are trying to do this automatically based on the user. Can you share the APM policies which you tried?

     

  • Hi David,

     

    I configured the access policy as in the following screenshot, but till now it is not working fine.

     

     

  • Hi,

     

    Hard to help not knowing what you are doing in the Var Assign and LDAP Query objects. If you post the info, it will allow us to figure out why it's not working.

     

    Piotr

     

  • Hi Piotr,

     

    First Variable Assign

     

    LDAP Query

     

    Second variable assign

     

     

    Branch 1 expression for variable assign

     

     

  • Is there a trusted relationship between the domains?

     

    If true, you can configure both domains (in Active Directory auth servers) and trusted domain objects...

     

    Then, in the AD Auth box, select these trusted domains.

     

    AD Selection will be automatic.

     

    Regards.