Forum Discussion

David_20479's avatar
Icon for Nimbostratus rankNimbostratus
Jan 23, 2012

REGEX syntax for APM NTLM Auth

Looking for REGEX syntax assistance with my APM policy.


need to change to domain\user




something like:


session.user = expr { [regsub\(.*\)@\(.*\)/\2\\\1} [mcget {session.logon.last.username}] ""] }


8 Replies

  • Hi David,



    Can you one of these?



    Prepend a static domain to the username


    [concat "DOMAIN\\[mcget {session.logon.last.username}]" ]






    Translate from user@domain to domain\user


    [regsub -all {(.*)@(.*)} [mcget {session.logon.last.username}] {\2\\\1}]



  • Thanks for your help Hoolio. This was a success.


    However i did find a bug where it appends '5c' before the username:



    AD agent: Query: query with '(sAMAccountName=domain\5cuser)' failed



  • 5c is a hex encoded backslash. That does seem like a bug. Can you open a case with F5 Support on this?



    You can also check SOL11101 for a possible solution to remove the domain:



    sol11101: Configuring the SSO credential mapping action to remove the domain name from a username




  • Or maybe this to remove the 5c:



    [string map -nocase {5c ""} [regsub -all {(.*)@(.*)} [mcget {session.logon.last.username}] {\2\\\1}]]



  • Hi David,



    Did you find a solution that will work for you?



  • Hi Hoolio,



    I had success with the regex, however was still seeing the "5c" injected between domain\ & username (i.e. domain\5cusername)



    Once I ticked the option of "username conversion" in my SSO configuration, this fixed the 5c issue.



    Im still perplexed as to why it would insert a hex representation of "\"? :S



    Thanks again for sharing all your knowledge and assistance.



  • I suggest opening a case on the conversion of the backslash to the hex 5c. It would be helpful to document the issue and get it fixed.



  • I have a very similar situation. I'm running 11.1 HF1 and doint multiple AD domain authentication. With 11.1 APM has no issue identifying the domain if the user types domain\username but if the user types domain/username it sets the username as domain/username and of course user is not going to authenticate. So I'm writing a regular expression to identify if the session.logon.last.username contains / to take the domain value up to the / and set the session.logon.last.domain to that value and set the rest of the string as the session.logon.last.username. I have the expr {[mcget {session.logon.last.username}] contains "/"} and I need to embed the action to set the domain and username values into variables by using ^|\/.+ which just takes the domain info and .+\/|^ which just takes the username. Any ideas how I can embed that info the contains /? Thanks for your help