Have some code. Share some code.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Problem this snippet solves:

How to login to F5 using APM policies and choosing which active directory to login in to from the login page.

How to use this snippet:

After creating virtual servers and everything to access a web application that requires login, you can use APM to configure user authentication and you can give the user a choice to select which active directory they can use. This is going to be helpful in case we have a single login page for internal and external users and those two types of users reside in two different active directories.

Here is the policy0151T000003d9DHQAY.PNG

I am using APM internal login page in this scenario.

Next is to add a drop-down list to the login page


After that, you can add an Empty action and this is where you are going to configure your branches based on the selection made from the drop down in the login page.


The user can now choose and login to the appropriate Active Directory.

Code :

// Expression for the Empty Action item

// Active directory 1, use branch 1
expr { [mcget {session.logon.last.domain}] == 1 }

// Active directory 2, use branch 2
expr { [mcget {session.logon.last.domain}] == 2 }



when you configure a filter between logon page and Authentication box (whatever authentication method used), max authentication attempts must be set to 1.


if max authentication attempts are more than 1, following attempts will follow the same path than the first attempt even if condition is changed.


if you want to support more than 1 attempt, you must include logon tree in a macro with macro loop.


another point is you can add branches in logon page box instead of dedicated box.


Version history
Last update:
‎07-Dec-2016 12:30
Updated by: