Forum Discussion

Cirrocumulus

Apr 02, 2021

ldap auth not setting %{session.ldap.last.attr.dn}

Hi I have a ldapauth followed by ldap query and the query is not working I have a search filter of uniquemember=%{session.ldap.last.attr.dn} But %{session.ldap.last.attr.dn} is not set ...

BIG-IP

BIG-IP Access Policy Manager (APM)

security

spalande

Nacreous

Apr 02, 2021

Have you tried adding "dn" in required attribute under LDAP query properties? Alternatively, you can try with

"session.ldap.last.attr.memberOf" variable and works great to identify the group membership.

Below is the expression to check for the group membership -

expr {[string match -nocase {*group_name*} [mcget {session.ad.last.attr.memberOf}]] }

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ldap auth not setting %{session.ldap.last.attr.dn}

Recent Discussions

Question regarding nginx plus gpg key

iHealth Upgrade Advisor is back

Require host header

Verify change in behavior for (major) software updates

Does the iHealth upgrade advisor consider iRule configuration

Related Content

LDAP Auth, LDAP Query with UPN fails

Setting up persistence in F5 XC

LDAP Proxy

Setting up BIG-IP with AWS CloudHSM

APM Cookbook: Modify LDAP Attribute Values using iRulesLX

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS