Forum Discussion
Jason_46956
Nov 07, 2011Nimbostratus
Using different field to identify user when using Active Directory as AAA server
All,
As the Subject/Summary says - we would like to use an alternate field for the identification of the user.
We were previously using LDAP and it was a simple matter to customise the query, but with using Active Directory there does not appear to be an option to do this.
I suspect it would be possible to do this using a LDAP Query before the AD Auth steps, but not exactly sure how to tie the two steps together.
Can anyone point me in the right direction?
Thanks,
Jason
- nitassEmployeenot sure if i understand correctly. when i configure active directory user authentication (system > users > authentication), the configuration is under auth ldap system-auth portion (b auth ldap list all). isn't it configurable as ldap?
Jason,
- Jason_46956NimbostratusNot sure what happened with my original Subject line, but the important bit of information missing is that this is using the APM module.
- HamishCirrocumulusGut feeling is that you should be able to do this in an iRule... but I haven't looked too hard at how easy it would be.
- What we would like is for the user to be able to use their email address instead of using their sAMAccountName to identify themselves.
- HamishCirrocumulusI've been looking at this today... I think you could do a mapping within the VPE for this... Maybe...
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects