Branching based on LDAP error messages

Question

Is there a way to capture the error message that has been returned from an LDAP Bind call and perform a branch decision based on the content of this message?&nbsp;
In my access policy I have the LDAP Bind retry count set to a value of zero so that the fallback branch is triggered and I can log the session variables. I see reference to "session.ldap.last.errmsg" however this is never populated with the message that is returned from my ldap server. &nbsp;
Thanks.&nbsp;

kunjan · Answer

Which version you are referring? There was a related issue which fixed in 11.0 which requires retry to be &gt; 1 for the message to set.&nbsp;

walter_kacynski · Answer

I am using version 11.4.1 HF3 After double checking, I had the attempts set to 3. I changed this to 1 and session.ldap.last.errmsg was correctly populated. I clearly was doing something wrong the first time that I tried this. At least it works now.

Forum Discussion

Branching based on LDAP error messages

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Unblock Request WAF

Related Content

Performance optimalization of message based load balancing.

Load Balancing TCP TLS Encrypted Syslog Messages

APM URL Branching tolower

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

Demystifying Time-based OTP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS