LDAP proxy - send write requests to a second pool member

Question

We are trying to migrate our LDAP users from eDirectory to AD. Using Novell DirXML, we can sync most LDAP attributes to AD, but not the passwords. We use LDAP for our web based application authentication using CA Siteminder. Using Siteminder, our external users change their passwords using a link inside our site. One solution to our problem could be an LDAP proxy that when it receives a LDAP modify command for the password attribute, it also sends the command to the AD LDAP server, in this way in time, the passwords get in sync between eDirectory and AD. Can F5 do this using iRules?  
&nbsp; Thanks.

nicolas_menant · Answer

Hi, 
&nbsp;  
&nbsp; You should be able to write a LDAP proxy to do this. You have an example of LDAP proxy here: Click here 
&nbsp;  
&nbsp; HTH &nbsp;

johns · Answer

I have a similar requirement with LDAP, where I need LTM to parse the request and send to 2 different pools based on OU.  If it is company.xyz.com, then it goes to pool1, and company.xyz.net, then pool2.  Looks like this is possible looking at the LDAP proxy rule referenced.   
&nbsp;  
&nbsp; Also, looks like the LDAP binding in the rule is using the client's credential, correct? 
&nbsp; Thanks.

Forum Discussion

LDAP proxy - send write requests to a second pool member

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Aswin MK - November 2025 Featured Member

Kostas Injeyan - October 2025 Featured Member

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Logging DNS Requests

Using Client Subnet in DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS