APM: iRule needed to extract username from client cert to use it for AD group query

Hi community, I've recently taken over the task of implementing BIG-IPs in projects, and I'm quite comfortable with LTM tasks, but now I have to solve an APM problem.


Currently the customer's mobile devices, e.g. tablets, log in via Edge Client, and after a client cert check they have to re-enter their AD credentials for an AD auth check; these are also used for the AD query to assign resources based on AD groups.


Basically they want to have the AD credential popup removed (yeah, I also think it is not very sensible). My idea to get the group mapping done was to use an iRule to extract the username from the client cert and put this into the AD query.


However, since my skill in APM is very limited, I don't know of any built-in method which could handle this, and I hope someone can point me in the right direction or provide an iRule which might get the job done.


