Bug ID 674410: AD auth failures due to invalid Kerberos tickets

Last Modified: Oct 17, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
12.1.2, 12.1.3,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1,

Opened: Jul 17, 2017

Severity: 3-Major

Related Article: K59281892


User can not login.


AD Auth/Query fails. APM end user won't be able to take successful branch in Access Policy.


- AAA AD server is configured on BIG-IP. - AD Auth/Query agent is used in Access Policy. - Cached Kerberos ticket is invalid or backend AD server is not reachable for some reason



Fix Information

Invalid Kerberos tickets for AD Query are now automatically renegotiated by APM.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips