3 Replies Latest reply on Mar 5, 2009 1:59 PM by Bill Robinson

    Kerberos Authentication through Load Balancer

      After much fiddling last week, I managed to get my SSO authentication working directly against one of our many authentication servers (LDAP hosts). Our LDAP authentication uses a F5 as a LB to direct requests to one of many hosts. Initially, after failed attempts to reroute BL requests to the LB, I learned port 88 wasn't open on the LB -- this is since corrected (we can telnet into the TB on 88).


      Revising the blclient_krb5.conf and blappserv_krb5.conf results in errors. The change is to change reference to poppcgdc05 (hostname of one authentication server) to ldap2 (name of LB) and bounce the service. Of course, changing the value back and bouncing service results in expected functionality.


      Does this work through a LB? Anyone doing this?