Bug ID 674410: AD auth failures due to invalid Kerberos tickets

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1, 12.1.3.2

Opened: Jul 17, 2017
Severity: 3-Major
Related Article:
K59281892

Symptoms

User can not login.

Impact

AD Auth/Query fails. APM end user won't be able to take successful branch in Access Policy.

Conditions

- AAA AD server is configured on BIG-IP. - AD Auth/Query agent is used in Access Policy. - Cached Kerberos ticket is invalid or backend AD server is not reachable for some reason

Workaround

None.

Fix Information

Invalid Kerberos tickets for AD Query are now automatically renegotiated by APM.

Behavior Change