Solution7: Inline SAML with Kerberos sideband

This solution documents all the necessary pieces required to create a set of APM policies that updates the AD lastlogontimestamp when only using SAML.

Keywords: saml, kerberos, ad, active, directory, idp, sp, chaining, inline

DC: single, multi

URL

Note

The link below only works from the UDF blueprint

https://sp.acme.com

Configuration Comments



UDF Deployment Models

BIG-IP Version

Blueprint Version

15.1

5

BIG-IP Components used:

  • Virtual Server

    • HTTP Profile

    • Client-side SSL Profile

    • Access Profile(s)

      • SAML SP Service

      • SAML IDP Connector

      • SAML IDP Service

      • SAML SP Connector

      • AAA Active Directory

      • Kerberos SSO