Solution7: Inline SAML with Kerberos sideband

This solution documents all the necessary pieces required to create a set of APM policies that updates the AD lastlogontimestamp when only using SAML.

Keywords: saml, kerberos, ad, active, directory, idp, sp, chaining, inline

DC: single, multi

URL

Note

The link below only works from the UDF blueprint

https://sp.acme.com

Configuration Comments



UDF Deployment Models

BIG-IP Version Blueprint Version
15.1 5

BIG-IP Components used:

  • Virtual Server
    • HTTP Profile
    • Client-side SSL Profile
    • Access Profile(s)
      • SAML SP Service
      • SAML IDP Connector
      • SAML IDP Service
      • SAML SP Connector
      • AAA Active Directory
      • Kerberos SSO