
Forum Discussion

Will_Adams_1995
Feb 09, 2016

Certificate and Session Variable Problem on 11.6 HF4

Hi All,

 

I have a problem with an APM I am creating on our Production environment. I am doing an on-demand certificate check and then extracting the "username" from the certificate. On our development device (which is 11.6 HF6 vs the Production device being 11.6 HF4) this works fine. In saying that, our Production device has other APMs using the same variable assignment and that works fine.

 

The debug log from my APM is as follows:

 

    Session variable 'session.ssl.cert.valid' set to '0'
    Executed agent '/Common/APMNew_act_ondemand_cert_auth_ag', return value 0
    Following rule 'Successful' from item 'On-Demand Cert Auth' to item 'Assign Variables'

 

** so I can see the certificate is valid hence why it then follows the successful path. Immediately after this I have the Variable assign. The variable assign code is as follows:

 

1) session.logon.last.username =

    set f1 [mcget {session.ssl.cert.subject} ] set f2 [split $f1 "," ] set f3 [lindex $f2 0] set f4 [split $f3 "="] set f5 [lindex $f4 1]

2) session.logon.last.username =

    expr { [string tolower [mcget {session.logon.last.username}]] }

3) session.logon.last.domain =

    expr {"MYDOMAIN"}

 

I then see this error in the debug log for the APM:

 

    Rule evaluation failed with error: wrong args: should be "set varName ?newValue?"
    Variable Assignment Agent: In agent '/Common/APMNew_act_variable_assign_ag', session variable 'session.logon.last.username' not created due to invalid TCL Expression

 

I put a message box after the variable assign to see what values are returned. The message box outputs the following:

 

    %{session.logon.last.username} ==> returns nothing
    %{session.logon.last.domain}   ==> returns the Domain (on both devices)
    %{session.ssl.cert.subject}    ==> returns the correct certificate subject (i.e. CN=userid,OU=Users,DC=...........) (on both devices)

 

So it's obvious here that the issue is with the expression I am trying to use; I just can't see where the fault is.

 

1 Reply

  • At the very least you need a semicolon between each of the statements:

    session.logon.last.username = set f1 [mcget {session.ssl.cert.subject} ]; set f2 [split $f1 "," ]; set f3 [lindex $f2 0]; set f4 [split $f3 "="]; set f5 [lindex $f4 1];

    But you also aren't actually assigning any value to session.logon.last.username. To do that you'd follow the above logic with a return statement:

    session.logon.last.username = set f1 [mcget {session.ssl.cert.subject} ]; set f2 [split $f1 "," ]; set f3 [lindex $f2 0]; set f4 [split $f3 "="]; set f5 [lindex $f4 1]; return $f5
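The corrected expression above takes whichever RDN happens to come first in the subject, so a certificate whose subject starts with OU= or DC= would quietly populate the username with the wrong value. The following stand-alone Tcl (an added example, not code from the thread or from F5) mirrors the reply's fix as a proc and adds a variant that looks for the CN attribute explicitly; the subject strings are constructed samples, and inside an APM variable assign you would pass `[mcget {session.ssl.cert.subject}]` and finish with `return` as the reply shows.

```tcl
# Added example (not from the original post). Same split/lindex logic as the
# reply's fix, wrapped in a proc so it can be tested outside APM.
proc cert_username {subject} {
    set f2 [split $subject ","]
    set f3 [lindex $f2 0]           ;# first RDN, whatever attribute it is
    set f4 [split $f3 "="]
    set f5 [lindex $f4 1]
    return [string tolower [string trim $f5]]
}

# Variant that walks the RDNs and returns only the CN value, so a reordered
# subject (OU first, CN second) does not silently yield an OU or DC as the
# logon name. Returns "" when no CN is present, which the policy can branch on.
# Note: splitting on "," still does not handle escaped commas (e.g. "CN=Doe\, J").
proc cert_username_cn {subject} {
    foreach rdn [split $subject ","] {
        set parts [split [string trim $rdn] "="]
        if {[string equal -nocase [lindex $parts 0] "CN"]} {
            # rejoin in case the value itself contained "="
            set value [join [lrange $parts 1 end] "="]
            return [string tolower [string trim $value]]
        }
    }
    return ""
}

# Constructed sample subjects (placeholder values, not from the original post).
set s1 "CN=UserID,OU=Users,DC=example,DC=com"
set s2 "OU=Users,CN=UserID,DC=example,DC=com"
puts [cert_username $s1]        ;# userid
puts [cert_username $s2]        ;# users   <- first RDN is OU, not the user
puts [cert_username_cn $s2]     ;# userid
puts "[cert_username_cn "OU=Users,DC=example"]"   ;# empty: no CN to trust
```

Checking that the extracted value is non-empty before the policy continues is worth a branch of its own, since an empty or wrong username feeding a domain lookup is harder to diagnose than a failed assign.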