Forum Discussion

Nimbostratus

Feb 28, 2017

AD LDAP Authentication fails with mail as username

We are migrating from OID to AD LDAP. Oracle password works fine. Tried to replicate the configuration for AD LDAP. All is the same with the exceptions of a query at the beginning. The LDAP team ...

application delivery

BIG-IP Access Policy Manager (APM)

ldap authentication

gavin84_31753

Nimbostratus

Mar 02, 2017

To add a little more info. We now have the same search criteria, however, we removed the Auth and are only doing LDAP Query requiring mail and userPassword attributes. We then will do a comparison using expr { [mcget -secure {session.logon.last.password}] equals { [mcget {session.ldap.last.attr.userPassword}]} . The userPassword attribute has the password we are looking to authenticate against.

The APM log does not like the comparison string. I get a rule evaluation missing close brace on it after the query is successful.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

AD LDAP Authentication fails with mail as username

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

iControl REST Authentication Token Management

Application Programming Interface (API) Authentication types simplified

Distributed caching of authentication requests with NGINX Ingress Controller

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS