Jump to content

Authentication Issues on F5



We upgraded to and now we seem to have a bunch of issues authenticating using either AD or TACACS.  It requires multiple tries and then it eventually works.

Our first attempt is to fix the F5 devices that are using AD only

vi /etc/openldap/ldap.conf

You have to add a new line



# LDAP Defaults

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example,dc=com
#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
TLS_REQCERT     never
REFERALLS       no
TLS_CACERTDIR   /etc/openldap/certs


Then you need to run

tmsh list auth ldap system-auth referrals
auth ldap system-auth {
    referrals yes

If its yes, then change it to no by running

tmsh modify auth ldap system-auth referrals no

And confirm its set by doing another list command like the one above

tmsh list auth ldap system-auth referrals
auth ldap system-auth {
    referrals no

And finally before you start testing, save the configuration

tmsh save sys config
Saving running configuration...

Now do some testing of your user account that utilizes AD to see if it works.



Recommended Comments

There are no comments to display.

Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...