Restricting AD Authentication to Authorized Users Only
Hello, I have an F5 i2000 load balancer, running Version 12.1.2.249.
I am configuring AD Authentication for the management interface, but I ran into an issue. AD Authentication is configured to use Role Groups and all is working find. However, I noticed that any domain user is able to log into the device with Administrator rights. How do I restrict unauthorized access? I've setup other devices using AD and LDAP and there are ways to put filters in place to accomplishes this.
I am BINDING to AD using user template: %s@mydomain.loc
Any advised will be appreciated.
Hugo
The fix to my problem was the settings under "External Users". This group of settings has three settings: Role, Partition Access, and Terminal Access. It looks like these settings control the access restrictions that will apply by default to anyone that is able to authenticate to the remote authenticating server, in my case, the DC.
By default this setting is set to "No Access", but it looks like it was changed in my configuration that is why any domain user was able to log in with Administrator rights. My current settings are (Access Restriction is working):
Role: No Access Partition: All Terminal Access: Disabled
Thanks again.
Hugo