Forum Discussion
NimbostratusAPM TCL expression
Please help! I have the following argument in the LDAP query for APM policy: expr {[string tolower mcget {session.saml.last.identity}] contains "@yahoo.com"} and I get the following error: Rule evaluation failed with error: bad index "session.saml.last.identity": must be integer or end?-integer?
If I remove the case check and use this TCL expression, it works fine. expr {[mcget {session.saml.last.identity}] contains "@yahoo.com"}
Thanks! Lakshmi
4 Replies
Lakshmi_AlbrighBTW, I do need the case check because I found some user entries in our SSO servers in fully uppercase characters and the expression without the case check failed for them.
kj07208_118528Cirrus
Why not convert the string to lower then do the contains? If it is case sensitive it might returning a value that not expected. I have something like this for converting the string to lower, [string tolower [mcget {session.logon.last.logonname}]] In the APM I have the following (Variable Assignment) session.logon.last.logonname = return [string tolower [mcget {session.logon.last.logonname}]]
- Kevin_Stewart
Employee
I believe the problem is actually in the expression. It should look something like this:
expr { [string tolower [mcget {session.saml.last.identity}]] contains "@yahoo.com" }Notice the extra set of square brackets around the mcget.
- Lakshmi_Albrigh
Thanks all, It turned out that the correct expression is: expr { [string tolower "[mcget {session.saml.last.identity}]"] contains "@yahoo.com" }
L.
