APM Cookbook: Modify LDAP Attribute Values using iRulesLX

Introduction Access Policy Manager (APM) does not have the ability to modify LDAP attribute values using the native features of the product. In the past I’ve used some creative unsupported solutio...
Published Sep 27, 2016
Version 1.0
BIG-IP Access Policy Manager (APM)
cookbook
iRulesLX
security
Gym's avatar
Gym
Icon for Cirrus rankCirrus
Dec 06, 2019

Slayer001

I've successfully implemented what you're trying to do, as a proof of concept. You need to modify the index.js in the iLX workspace. For example (what I did), you could add the following function that encodes the value, then call the function IF the attribute name is unicodePwd.

// From https://github.com/ldapjs/node-ldapjs/issues/92#issuecomment-29070786
function encodePassword(password) {
    return new Buffer('"' + password + '"', 'utf16le').toString();
}

To call that function, I inserted the following line just after the three LDAP variables are declared:

if (ldap_attribute == 'unicodePwd') { ldap_value = encodePassword(ldap_value) }