Virtual Service Integration with ADSelfService Plus
Information
| Summary: |
This article will outline how to allow traffic for ADSelfService Plus through a Virtual Service (VS) with SubVSs |
| Environment: |
Product: LoadMaster Version: Any Platform: Any Application: Any with SubVSs |
| Question/Problem Description: |
We added MFA and that portion isn't working when connecting through the LoadMaster. If going direct to the server, it works fine. |
| Steps to Reproduce: | |
| Error Message: | |
| Defect Number: | |
| Enhancement Number: | |
| Cause: |
ADSelfService Plus associates a new directory with an application to allow for proper connectivity: /adssp. When connecting to a VS with SubVSs, if no traffic is matched, content won't be forwarded to a SubVS and therefore will not be sent to an application server. |
| Resolution: |
A Content Rule must be created to allow traffic for /^\/adssp.*/ Name your rule, apply the syntax /^\/adssp.*/ within the Match String, and check the Ignore Case box, then click Create Rule. Navigate to Virtual Services > View/Modify Services > modify your desired Virtual Service. Expand the SubVSs tab and click on the Rules associated with the SubVS. Note, if this is an Exchange VS, we recommend applying this rule to the OWA SubVS. From the drop-down menu, select the ADSSP rule, then click Add. |
| Workaround: | The workaround to this would be to remove the SubVS from the VS and create a new VS with it. Note, this doesn't work if the application is separated by directory (such as Exchange), but will work if the SubVSs are designated by hostname. |
| Notes: |
https://support.kemptechnologies.com/hc/en-us/articles/360058856791-LoadMaster-Duo-Integration-Guide https://support.kemptechnologies.com/hc/en-us/articles/7170469507341-Content-Rules |