Forum Discussion

ravensfan0827_7
Mar 15, 2012

Obtaining access to a user's LDAP DN after successful authentication




During LDAP authentication in my APM policy, I can see from the logs that the user's LDAP DN is retrieved from the directory in order to perform the final bind. Is the user's LDAP DN stored anywhere where I can access it later in an iRule? It doesn't seem to be stored in the ldap session variables...




2012-03-15 14:48:17 : LDAP agent: ENTER Function executeInstance
2012-03-15 14:48:17 : LDAP module: ENTER Function authenticateUser
2012-03-15 14:48:17 : LDAP module: ldap_initialize() successful. URI:'ldap://XX.XX.XX.XX:389'
2012-03-15 14:48:17 : LDAP module: ldap_simple_bind_s() successful, dn: cn=admin,ou=XXX,o=myorg,c=US
2012-03-15 14:48:17 : LDAP module: ldap_search_ext_s() successful. base: o=myorg,c=us, scope: 2,filter: 'uid=johndoe'
2012-03-15 14:48:17 : LDAP module: DN: cn=Doe John johndoe, ou=sales, ou=People, o=myorg,c=US retrieved
2012-03-15 14:48:17 : LDAP module: ldap_simple_bind_s() successful, dn: cn=Doe John johndoe,ou=sales,ou=People,o=myorg,c=US
2012-03-15 14:48:17 : LDAP module: LEAVE Function authenticateUser
2012-03-15 14:48:17 : LDAP agent: Auth (logon attempt:0): authenticate with 'johndoe' successfully
2012-03-15 14:48:17 : LDAP agent: LEAVE Function executeInstance
2012-03-15 14:48:17 : Executed agent '/Common/passport_act_ldap_auth_ag', return value 0
2012-03-15 14:48:17 : Following rule 'Successful' from item 'LDAP Auth' to item 'Logging(1)'


2 Replies

  • Please let me know if you figured this one out -- we are using APM for authentication from an LDAP source, and would like to provision resources based upon the OU of the user, but I'm not seeing this info as a session variable.
  • OK - feeling stupid now. Found it right after posting: