Bug ID 555435: AD Query fails if cross-domain option is enabled and administrator's credentials are not specified

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8

Fixed In:
12.1.0, 11.6.1

Opened: Oct 30, 2015
Severity: 3-Major
Related AskF5 Article:
K34742242

Symptoms

AD Query fails in cross-domain environment, when AAA AD Server has no administrator credentials configured and user's logon name is different from pre-win2k name

Impact

AD Query fails

Conditions

- AD Query is configured in an Access Policy. - The administrator's credentials are not specified at AAA AD Server configuration page (that is in use by AD Query). - The domain logon name is different from pre-win2k name.

Workaround

The administrator should provide AD administrator credentials at AAA AD Server configuration page.

Fix Information

AD Query now completes as expected if cross-domain option is enabled and administrator's credentials are not specified.

Behavior Change