For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

maurox_59221's avatar
maurox_59221
Icon for Nimbostratus rankNimbostratus
Oct 22, 2013

Ldap query from ltm

Hi all, I'm searching an irule that would direct all the authenticated users (that belong to a specific group defined on the ldap profile/object) to a specific pool. All the others users (that aren't...
application delivery
devops
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Dec 05, 2013

So if I recall, we're working on a use case where one client type doesn't send the credentials in the initial request. All others do. Let's talk about a possible program flow.

client makes request to /Microsoft-Server-ActiveSync and does not have an MRHSession token - disable the policy for this request only    

Client traffic is passed through to server where the server asks for authentication in the response

Client sends authentication, like all other clients. Collect the credentials and store in the access policy

You're most likely seeing requests to /my.policy in the server logs because of when and how you're disabling the policy.