Forum Discussion

Cirrus

Jan 23, 2023

APM Access Policy - Pass LDAP or AD Query variable

Is it possible to query whether a user has a value for one or another variable then use that to pass or fail passage down the rest of the swimlane for access? (e.g.- expr {[mcget {session.ad.session....

access policy

ad query

BIG-IP Access Policy Manager (APM)

devops

jamie_staples

Cirrus

Jan 23, 2023

and that mostly works for me....but does the same logic still work if it's either of the variables that are true, i.e.

expr {[mcget {session.ad.session.ad.last.attr.variable1}] != "" || [mcget {session.ad.session.ad.last.attr.variable2}] != ""}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM Access Policy - Pass LDAP or AD Query variable

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

Clone/export/import API Protection Profile

UCS file migration on differing OS versions

simultaneous disabling / enabling of all LTM objects

F5 VE WAF FINE TUNING

Changes to DO and AS3 GitHub - no longer monitored

Related Content

APM-DHCP Access Policy Example and Detailed Instructions

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

APM variable assign examples

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS