What is solution trying to demonstrate?
Customers often have scripts that run to disable stale account after so many days. This causes problem for environments where the BIG-IP is performing pre-authentication as SAML SP and the application is also SP enabled. Since both the application and the BIG-IP do not actually log the user into AD the logon time-stamp is never updated.
yahshun
commented
4 years ago
Is there a similar solution documented today no
What is solution trying to demonstrate? Customers often have scripts that run to disable stale account after so many days. This causes problem for environments where the BIG-IP is performing pre-authentication as SAML SP and the application is also SP enabled. Since both the application and the BIG-IP do not actually log the user into AD the logon time-stamp is never updated.
Describe alternatives you've considered None
Additional context None