Am looking for a way to modify the cn of a LDAP bind request

Question

Am looking for a way to modify the cn of a LDAP bind request &nbsp;
&nbsp;Hoping it is possible for an iRule to rewrite a request from Novell eDirectory to Active Directory.&nbsp;
&nbsp;ie change 'cn=rauth,ou=pco,o=tetv' to rauth@acd.domain.&nbsp;&nbsp;
&nbsp;Hoping someone can lead me in the right direction, I can not find anything in the forums.&nbsp;&nbsp;
&nbsp;Thankyou

garth_ladlow_32 · Answer

I have the following which is close but it errors with the valid password&nbsp;
&nbsp;when CLIENT_ACCEPTED {  
&nbsp;    TCP::collect 
&nbsp;}&nbsp;
when CLIENT_DATA {&nbsp;
&nbsp;      set payload [TCP::payload] 
&nbsp;  
&nbsp;     regsub -all "cn=rad,ou=pco,o=etv" $payload "cn=rad,ou=earth,ou=thirdplanet,dc=aus,dc=somewhere" payload
&nbsp; 
&nbsp;     TCP::payload replace 0 [TCP::payload length] $payload&nbsp;
  TCP::release
&nbsp;  TCP::collect
&nbsp;}&nbsp;

hooleylist · Answer

Hi Garth, 
&nbsp;  
&nbsp; I imagine you could parse the TCP data to do this, but I haven't tried something like this before.  Joe added a great Codeshare example which parses LDAP requests to separate read and write requests.  You could use this as a start: 
&nbsp;  
&nbsp; http://devcentral.f5.com/wiki/default.aspx/iRules/LDAPProxy.html 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Am looking for a way to modify the cn of a LDAP bind request

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

BIG-IQ Applicaiton Service emails looking to modify email content to include a link

Modifying multiple entries in a datagroup via api?

Logging of DNS Requests and Responses without a DNS license

Revocation Status in HTTP Request Header

Using iControlRest to modify LTM pools

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS