ravensfan0827_7
Mar 15, 2012

Obtaining access to a user's LDAP DN after successful authentication

Hi,

During LDAP authentication in my APM policy, I can see from the logs that the user's LDAP DN is retrieved from the directory in order to perform the final bind. Is the user's LDAP DN stored anywhere where I can access it later in an iRule? It doesn't seem to be stored in the ldap session variables...

2012-03-15 14:48:17 : LDAP agent: ENTER Function executeInstance
2012-03-15 14:48:17 : LDAP module: ENTER Function authenticateUser
2012-03-15 14:48:17 : LDAP module: ldap_initialize() successful. URI:'ldap://XX.XX.XX.XX:389'
2012-03-15 14:48:17 : LDAP module: ldap_simple_bind_s() successful, dn: cn=admin,ou=XXX,o=myorg,c=US
2012-03-15 14:48:17 : LDAP module: ldap_search_ext_s() successful. base: o=myorg,c=us, scope: 2,filter: 'uid=johndoe'
2012-03-15 14:48:17 : LDAP module: DN: cn=Doe John johndoe, ou=sales, ou=People, o=myorg,c=US retrieved
2012-03-15 14:48:17 : LDAP module: ldap_simple_bind_s() successful, dn: cn=Doe John johndoe,ou=sales,ou=People,o=myorg,c=US
2012-03-15 14:48:17 : LDAP module: LEAVE Function authenticateUser
2012-03-15 14:48:17 : LDAP agent: Auth (logon attempt:0): authenticate with 'johndoe' successfully
2012-03-15 14:48:17 : LDAP agent: LEAVE Function executeInstance
2012-03-15 14:48:17 : Executed agent '/Common/passport_act_ldap_auth_ag', return value 0
2012-03-15 14:48:17 : Following rule 'Successful' from item 'LDAP Auth' to item 'Logging(1)'

  • Please let me know if you figured this one out -- we are using APM for authentication from an LDAP source, and would like to provision resources based upon the OU of the user, but I'm not seeing this info as a session variable.
  • OK - feeling stupid now. Found it right after posting:

    session.ldap./Common/my_ldap_name_act_ldap_query_1_ag.attr.dn
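
An added example, not part of any post in this thread: an iRule that reads the DN from the session variable named in the last reply and extracts the OU components for later use. It assumes the access policy runs an LDAP Query item so that variable is populated; `session.custom.ldap_ous` is a hypothetical variable name chosen for this sketch.

```tcl
when ACCESS_POLICY_COMPLETED {
    # Variable name as posted in the thread; the agent name in the middle
    # (my_ldap_name_act_ldap_query_1_ag) is specific to that poster's policy.
    set dn [ACCESS::session data get "session.ldap./Common/my_ldap_name_act_ldap_query_1_ag.attr.dn"]
    if { $dn eq "" } {
        log local0.warning "LDAP DN session variable is empty; no OU extracted"
        return
    }

    # Split the DN into RDNs on unescaped commas only, so a value that
    # contains an escaped comma ("\,") is not cut in half.
    set rdns [list]
    set cur ""
    set esc 0
    foreach ch [split $dn ""] {
        if { $esc } {
            append cur $ch
            set esc 0
        } elseif { $ch eq "\\" } {
            append cur $ch
            set esc 1
        } elseif { $ch eq "," } {
            lappend rdns [string trim $cur]
            set cur ""
        } else {
            append cur $ch
        }
    }
    lappend rdns [string trim $cur]

    # Collect OU values, nearest to the user entry first. The trim above
    # handles the ", " separators seen in the "DN: ... retrieved" log line.
    set ous [list]
    foreach rdn $rdns {
        if { [regexp -nocase {^ou\s*=\s*(.*)$} $rdn -> value] } {
            lappend ous [string tolower $value]
        }
    }

    # Store the result so later iRule events in this session can read it.
    ACCESS::session data set session.custom.ldap_ous [join $ous "|"]
    log local0.info "LDAP OUs for session: [join $ous |]"
}
```

For the DN shown in the log above, the stored value would be `sales|people`.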