LDAP irule

Question

Hello: &nbsp;
Environment: Working secureLDAP virtual where only clientside TLS encryption is configured and server side (Microsoft AD) is plain tcp/389.&nbsp;
Need help to create an iRule to achieve following two objectives. &nbsp;
1) Narrow down the request acceptance from : 10.x.x.x and 192.168.x.x range ; If possible using datagroup
2) If possible, narrow down the ldap looks to a particular OU only i.e. OU=Users,OU=f5,OU=com
3) Generate a log.local0 suggesting " using  request  and also what was returned back. &nbsp;
Appreciate your pointers for me to march in the right direction. &nbsp;
Thanks in advance,&nbsp;

michaelatf5 · Answer

What version of TMOS are you using?  LDAP support was part of ACA in previous versions, but has been deprecated.  Unless you are using an older version of TMOS and have ACA licensed, an LTM only irule for LDAP will be extremely complex with SIDEBAND connections.  Its possible, but it's binary and very complex. I would not want to have to support it, and it would most likely not be supported during an upgrade.&nbsp;
An easier approach would be to use integrated LDAP with Access Policy Manager. &nbsp;

Forum Discussion

LDAP irule

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

LDAP Proxy

Google Authenticator iRule For Two-Factor Auth With LDAP

LDAPS vip - how to?

Unbind your LDAP servers with iRules

LDAP StartTLS Extension to LDAPS Proxy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS