09-13-2007 07:05 AM
Good afternoon, We are having and issue with the following setup:
The issue is this: All users hitting a global portal that is not on this set of CSS's. In that portal when they select this application, I'm being told they are being redirected to this set of CSS's. The issue is I'm being told that there portal kerberos authentication is not working? All authentication would be handled via Windows AD infrastructure.
Can anybody take a look at my setup and see if I'm missing something? Will I have to use local services instead of redirect services? They really want to utilize the redirect services.
Thx
-Rich
owner xxxx
content short
vip address x.x.x.x
redirect "//test.company.com:50100/irj"
protocol tcp
port 80
url "//short_name/"
active
content fqdn
vip address x.x.x.x
redirect "//test.company.com:50100/irj"
protocol tcp
port 80
url "//test.company.com/"
active
content lb_rule
vip address x.x.x.x
balance weightedrr
advanced-balance sticky-srcip
url "//test.company.com:50100/*"
protocol tcp
port 50100
add service srv1
add service srv2 weight 5
active
service srv1
ip address x.x.x.x
keepalive type http
keepalive port 50100
keepalive uri "/index.html"
type redirect
port 50100
active
service srv2
ip address x.x.x.x
keepalive type http
keepalive port 50100
keepalive uri "/index.html"
type redirect
port 50100
active
09-14-2007 12:50 AM
you should capture a sniffer trace on the client, css and kerberos server to see what is going on.
Understand the flow of the traffic and see where is the problem.
A config like this is ok. But it may require some twiking for kerberos in your environment.
Gilles.
09-14-2007 10:54 AM
Gilles,
Thanks for the reply. For the portal kerberos to work I had to modify the services. I added a redirect domain.
domain site.company.com:50100
Thx
-Rich
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide