Forum Discussion
Andrew_Husking
Mar 29, 2016Cirrus
We got this working in our environment.
The following iRule was used to capture the username from the incoming request from o365.
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "GetURIusername" } {
set username [string map -nocase {"%40" "@"} [URI::query [ACCESS::session data get session.server.landinguri] username]]
log local0. "Username = $username"
ACCESS::session data set session.custom.foundusername "1"
ACCESS::session data set session.custom.upn $username
ACCESS::session data set session.logon.last.username [lindex [ split $username "@"] 0]
}
}
After that we have a branch rule that if session.custom.foundusername = 1 it goes to a logon page with a READ ONLY username field. If it's not set, you get a standard logon page.
If you don't have the username as read only it's not populated.
Note that in our iRule we removed the domain from the input as it caused issues.
HTH