For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nfordhk_66801's avatar
Nfordhk_66801
Icon for Nimbostratus rankNimbostratus
Feb 25, 2015

Those numbers don't increment at all. I even copied and paste the name. I added the logging 

when RULE_INIT {
 set static::THIS_DOMAIN ".insertdomain.com"
 log local0. 
}

when ACCESS_POLICY_AGENT_EVENT {
 if { [ACCESS::policy agent_id] eq "get_computer_name" } {
 log local0.

set computer [string tolower [ACCESS::session data get "session.windows_info_os.last.computer"]]
foreach x [split $computer "|"] {
  if { $x ends_with $static::THIS_DOMAIN } {
    set machinename [lindex [split $x "."] 0]
    ACCESS::session data set session.custom.computer $machinename
    return
  }
}
}
}

I think this is all it gave:

Feb 25 14:13:33 nho-bigip-test info tmm[14917]: 01220002:6: Rule /Common/get_computer_name : local0.

Feb 25 14:13:33 nho-bigip-test info tmm1[14917]: 01220002:6: Rule /Common/get_computer_name : local0.

Nfordhk_66801's avatar
Nfordhk_66801
Icon for Nimbostratus rankNimbostratus
Feb 25, 2015
Doh! Sorry Seth, I wasn't aware it still needed to be applied to the VS in this scenario. I went ahead and did that. I see tons more information in the logs now. Still failing access but now the iRules are executing. Also there is no more blank fields for the AD query portion. I see the correct DN for the server, it's matching my branch rule. Not sure why it would be failing here.