Forum Discussion

jrenier_47051's avatar
jrenier_47051
Icon for Nimbostratus rankNimbostratus
Jul 01, 2011

Kerberos Auth + SSO with Sharepoint 2010

Hi,

 

 

We have a special request:

 

 

Build an authentication page blocking all access to sharepoint before Kerberos authentication is done in a nice company branded page.

Arrange F5 Kerberos authentication integration with Sharepoint to support Single Sign on.

 

After authentication keep session active (timer ? managed by the F5 ? by the Sharepoint ? Until logged out of sharepoint ?)

 

 

I don't really know where to begin.

 

It seems I have to play with Kerberos delegation

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_kerberos_delegation.html1033946

 

 

I've already asked to client to see if he has the ADD CLIENT AUTHENTICATION license.

 

 

 

Any info would be nice. Is this scenario even possible ? (client has 10.2.1)

 

Thanks

 

  • This will be possible in v11(due out this quarter) while leveraging APM(Access Policy Manager) product on top of the LTM. The beta of v11 is available now at http://beta.f5.com - feel free to sign up, download beta, and start playing with it. Kerberos use case documentation is available on the beta site as well. This is definitely a great use case for leveraging F5 technology in front of Sharepoint. Please post your feedback and follow-up questions if needed.

     

  • Thanks for that reply. But is the APM layer in v11 absolutely necessary to do this ?

     

    Can't we go with ACA and v10.2.1 ?

     

     

    I just need to be sure, cause i have to explain my client to postpone everything 3 months if we need v11.