Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Warren_129981's avatar
Warren_129981
Icon for Nimbostratus rankNimbostratus
Nov 20, 2013

APM directing user flow based on LDAP query

Morning, What is the best way to address the following situation: APM VPE is a basic setup: Logon Page -> LDAP Query -> LDAP Auth -> SSO Cred Mapping -> Allow Complicated part comes ...
BIG-IP Access Policy Manager (APM)
policy
security
Thomas_Gobet's avatar
Thomas_Gobet
Icon for Nimbostratus rankNimbostratus
Nov 20, 2013

Hi Warren,

You can check you LDAP attribute using this : 

expr { [mcget {session.ldap.last.attr.YourVariableName}] == 0 }

To do so, you have to create a box LDAP Query and add as many branch rules as differents values you have.

Warren_129981's avatar
Warren_129981
Icon for Nimbostratus rankNimbostratus
Nov 21, 2013
Thanks Thomas. That is what I was doing and can see the values associated to that variable. I found a solution. Right or wrongly. I created endpoints that would point to the front of the VS with a specific URI that I wrote an Policy to pick up and direct the traffic. ;) Thanks!