Authenticate users

Question

Hi iRules Masters,&nbsp;&nbsp;we got a Sharepoint VIP on our LTM where the users access it outside of our network. there is also a link inside sharepoint html page that is pointed to our ISA server for Authentication. I'm wondering is there any iRules out there that I can reference to replace ISA to query our Active Directory directly? essentially we want to offload authentication to F5 and get rid of ISA.&nbsp;&nbsp;&nbsp;thanks in advance&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

michael_yates · Answer

Hi Spinx, 
&nbsp;  
&nbsp; I honestly do not think you need to off-load any authentication onto the Load Balancers.  ISA authenticates to AD and then passes those credentials to the application server, which passes them to the application. 
&nbsp;  
&nbsp; The application should maintain the ability to authenticate to AD itself, so bypassing ISA and going directly to your application should not affect your authentication model. 
&nbsp;  
&nbsp; ISA only acts like a firewall, so if you are going to bypass it then that is a different set of security concerns (which could be met and even exceeded by the use of the ASM if you have it). 
&nbsp;  
&nbsp; Hope this helps.

Forum Discussion

Authenticate users

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

RADIUS server authenticating user with Google Authenticator

Doing mTLS Authentication per URL

DEVCENTRAL END-USER LICENSE AGREEMENT

RADIUS server using APM to authenticate users