The people who run the app and the F5 just let me know the name of the service account which makes the requests. When I do a search for auth attempts by that service account, I see them across all of the domain controllers, with the source IP address being from the F5 IP pool.
I had been searching for the name of the server hosting the app, and all references to that server were in the Security Log on DC1 only. If I had known to search on the name of the service account, or what source IPs to look for, it wouldn’t have thrown me off. *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Ed Ziots *Sent:* Tuesday, August 25, 2015 2:44 PM *To:* [email protected] *Subject:* Re: [NTSysADM] LDAP Queries and Authentication Did the f5 folks cofigure sticky on the requests? Usually I would authenticate to dc before you send an ldap query. So something.doesnt look right on. Both ends. Ed On Aug 25, 2015 2:29 PM, "Charles F Sullivan" <[email protected]> wrote: Is it typical for an LDAP query to be sent to DC1, but then the authentication request is sent to DC2? Because of an application which apparently insists on having a specific domain controller entered in the interface, someone here set up an F5 load balancer to spread out the many LDAP queries sent by the app. I noticed in troubleshooting a problem with the app that all authentication requests that come from the server running the app are going to one DC, which quite threw me off. The other group insists that the F5 is doing its job and I believe them, even though all the authentication requests are definitely going to just DC1. Is it that this is not typical and that the rather convoluted method of using a load balancer in front of DCs is causing it to work this way? The fate of the world doesn’t depend on me knowing the answer to this, but I had told these folks that the load didn’t appear to getting balanced based on the auth entries (and lack of them) in the Security Logs. Charlie Sullivan Sr. Windows Systems Administrator Boston College 197 Foster St. Room 367 Brighton, MA 02135 617-552-4318
