2.4. Review the Access Policy and AAA configurationΒΆ

  1. From the Main menu on the left, select Access > Authentication > NTLM > NTLM Auth Configuration.
  2. Select f5labs.com_ntlm_aaa from the NTLM Auth Configuration list. The following screen should appear:

f5labs.com NTLM Auth Configuration

Machine Account Name is the name of the security object that is added to the domain as a Computer Account. Domain Controller FQDN List contains a list of the Windows domain servers (there is only one in this lab environment).

  1. From the main menu select Access > Profiles / Policies > Access Profiles (Per-Session Policies). The following screen should appear:
Access Profile List
  1. Click on the Edit button next to the f5labs-ntlm-ap access profile. A new browser tab will appear showing the Access Policy in the Visual Policy Editor (VPE):

f5labs-ntlm-ap Access Policy (VPE)

The NTLM Auth Result agent check whether NTLM authentication was successful. If it was, the next action is an AD Query to gather more information about the user from Microsoft Active Directory.

  1. Click on the Close button to exit the Visual Policy Editor.