APM 2-Factor Radius and AD Authentication user accounts sAMAccountName and UPN suffixes

Question

Hello,&nbsp;
my question is, I have a apm scenario, landing page, Radius Auth. (SafeNet), the Radius Auth need the sAMAccountName for example doej than I give at the landing page the OTP (onetimepassword) and the AD Password which I switch which a variable assignment, but now I want to do a ldap auth and for the ldap auth we need the UserPrincipalName (email) for example john.doe(at)company.com. So my question would be now, how can I check maybe with a ldap query the UserPrincipalName to switch from doej -&gt; john.doe(at)company.com that the ldap auth will not fail and the SSO is after this correct working, maybe someone have a idea, need I an iRule or just a ldap query the expressions and so on ? Please give some examples &nbsp;
THX
Manu  &nbsp;

henrik_s · Answer

As long as the user provides you with sAMAccountName you could perform a ldap query to fetch the UPN. Then you would have to perform variable assignments to be able to perform the ldap auth with session.logon.last.username by default. Then again you would need to check your sso credential mapping and possibly perform another variable assignment before, or check your SSO profile to use the correct username.&nbsp;

Forum Discussion

APM 2-Factor Radius and AD Authentication user accounts sAMAccountName and UPN suffixes

1 Reply

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Related Content

Configure Toopher 2 Factor Authentication to work with APM

SecureAuth 2-Factor STS iApp

Google is implementing 2-factor Authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

iControl REST Authentication Token Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS