LDAP proxy - send write requests to a second pool member

Question

We are trying to migrate our LDAP users from eDirectory to AD. Using Novell DirXML, we can sync most LDAP attributes to AD, but not the passwords. We use LDAP for our web based application authentication using CA Siteminder. Using Siteminder, our external users change their passwords using a link inside our site. One solution to our problem could be an LDAP proxy that when it receives a LDAP modify command for the password attribute, it also sends the command to the AD LDAP server, in this way in time, the passwords get in sync between eDirectory and AD. Can F5 do this using iRules?  
&nbsp; Thanks.

nicolas_menant · Answer

Hi, 
&nbsp;  
&nbsp; You should be able to write a LDAP proxy to do this. You have an example of LDAP proxy here: Click here 
&nbsp;  
&nbsp; HTH &nbsp;

johns · Answer

I have a similar requirement with LDAP, where I need LTM to parse the request and send to 2 different pools based on OU.  If it is company.xyz.com, then it goes to pool1, and company.xyz.net, then pool2.  Looks like this is possible looking at the LDAP proxy rule referenced.   
&nbsp;  
&nbsp; Also, looks like the LDAP binding in the rule is using the client's credential, correct? 
&nbsp; Thanks.

Forum Discussion

LDAP proxy - send write requests to a second pool member

Recent Discussions

F5 ASM CEF Sending Logs in Specific TimeZone

F5 looses the token for the first call

feature request: container egress service

did not show checkbox on chrome while access through f5

How do I create a traffic log for two different route domains?

Related Content

Logging DNS Requests

DevCentral's Featured Member for February - Edouard Zorrilla

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

DevCentral's Featured Member for December - Mohamed Kansoh

DevCentral's Featured Member for March - Thomas Dahlmann

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS