Forum Discussion

elastic_82555's avatar
elastic_82555
Icon for Nimbostratus rankNimbostratus
Apr 26, 2013

kerberos and ntlm authentication using APM

Hi,

 

I have setup sharepoint 2010 iApp, using NTLM authentication and it is working well(using the F5 login page), however, I now have a requirement to use kerberos authentication, as well as NTLM. In effect, if the kerberos is not present, then the NTLM should be used as the default. Another requirement, is that if a user is already logged into their windows 7 workstation, then their credentials should be silently passed to the F5 to allow kerberos authentication "transparently" without the user having to see a login page.

 

Currently I have read many documents, but settled on the "Access policy manager, Single Sign On configuration guide" for v11.3(HF3). This details the NTLM setup nicely and also a "client based certificate" setup using kerberos. Whilst this is instructive, it does not actually help, as my scenario does not involve client side certificates(unless I am mistaken). I have created a kerberos SSO config, and am at the stage of editing the access policy, but it is at this piont, where I seem to have a lot of choices and not much documentation. Has anyone done this already, and could offer me any pionters. As a first off, I would like to just get kerberos SSO working, then I could work on getting both NTLM and Kerberos.

 

any links to documentation, or even better a similar example would be extemely appreciated.

 

 

thanks

 

Sc0tt....