F5 APM – Assign Resources for AD Groups

F5 APM is increasingly used as a SSL VPN portal access where users have all web applications they need to work daily. Most companies are looking for this kind of architecture because there are lots of users working from home. F5 is really powerful in this kind of architectures. In fact, there are companies they have even configured Single Sign-On (SSO) with 2 Factor Authentication (2FA) in the portal access to allow the user to log in once for all web applications as well as improving security with a token.

One of the requirement for most companies is to assign web applications for AD groups. It is mandatory that users only see their applications in the web portal. Each user should see only the applications the user is going to use. Therefore, there will be lots of SSL VPN portal. One for each user. F5 APM is able to assign resources dinamically thanks to the Advanced Resource Assign and AD Groups. For instance, we can watch in the next video that a user who belongs to two groups can see two applications.

Have you ever needed to assign resources dinamically for AD Groups? Go ahead!


  1. Hi David,
    Thanks a lot for the tutorial which is the best use case for corporation.
    I tried to reproduce your lab but I have some difficulties to match users and groups; Could you please share the Active Directory configuration of the groups.
    Thanks in advance.
    Best Regards,


Enregistrer un commentaire