Protected: F5 Networks – Houston User Group Training Session

There is no excerpt because this is a protected post.

Password Resets and User Authenticity

With any application that requires authentication you will inevitably run into a password expiration and/or lockout issues that requires a user to reset their password. I have seen organizations address this with a wide range of solutions from home grown programs all the way to multi-million dollar identity management frameworks. While both solutions will help a … Continue reading Password Resets and User Authenticity →

302 vs 307: All about the POST

Recently I was helping a customer address a multi-factor authentication bug where the 3rd party MFA solution would post the username and temporary token back to APM via the wrong URL. While we worked with the partner to address this bug the customer needed a work around in the meantime... perfect time for an iRule! For … Continue reading 302 vs 307: All about the POST →

APM Citrix Client Bundle for StoreFront 2.6 HTML5 Receiver

If you're using Citrix StoreFront 2.6 and following the Citrix-VDI-iApp 2.0.0 deployment guide you may run into a snag while creating the Citrix Client Bundle for HTML 5 support (on page 45). In StoreFront 2.6 the Citrix HTML5 Receiver is no longer a standalone MSI file but is now bundled into the StoreFront 2.6 executable. … Continue reading APM Citrix Client Bundle for StoreFront 2.6 HTML5 Receiver →

APM Cookbook: Multiple Domain Authentication – Part 2

In this series we examine ways to make APM authenticate against multiple Active Directory Domains. Part 1 discussed the use of a drop down menu on the APM login page. In Part 2 we use the user’s UPN to determine the correct domain for authentication. Note: If you are following along through the series I recommend … Continue reading APM Cookbook: Multiple Domain Authentication – Part 2 →

APM Client Side NTLM Authentication – 3 Things to Watch

APM has a nice feature that allows seamless authentication for domain joined machines by leveraging NTLM and/or Kerberos authentication. Michael Koyfman has a great article on DevCentral titled Leveraging BIG-IP APM for seamless client NTLM Authentication that will walk you through the steps. I've implemented this a few times and I wanted to share some … Continue reading APM Client Side NTLM Authentication – 3 Things to Watch →

SAML – Client versus Server Authentication with F5 APM

As organizations start to utilize Software as a Service (SaaS) the concern on how to authenticate users becomes a critical security issue. Many organizations look to federated authentication mechanisms, such as SAML, to help address this security risk. The benefits of using SAML are that user credentials are not replicated across each vendor cloud instance … Continue reading SAML – Client versus Server Authentication with F5 APM →

Configuring and Testing an External Monitor

In follow-up to my post on Monitoring Access Policy Manager this post will walk you through how to assign the monitor to a GTM pool and simulate a down status to ensure GTM is configured correctly. If you do not know how to import the external monitor into GTM please reference SOL13423. Someone asked what … Continue reading Configuring and Testing an External Monitor →

Problems Opening SharePoint Documents

If you're using SharePoint behind F5's Access Policy Manager and you're having problems opening files you need to check out Microsoft's Knowledge Base Article 2936341. This is a bug that's been around in Windows for awhile (I was troubleshooting this almost a year ago) and has recently been fixed. The WebClient was not always sending … Continue reading Problems Opening SharePoint Documents →

APM Cookbook: Multiple Domain Authentication – Part 1

I posted a new series on DevCentral regarding ways F5's Access Policy Manager can facility authenticating users from multiple domain sources. This post is part 1 of 4 and the series will cover some cool topics like home realm discovery and automatic domain detection.