Add UPN to existing policy

Question

I have an existing access policy - login page ---- ad auth ---  sso.  I need to add userprincipalname as a username option. &nbsp;
Do I add ad query before ad auth or add a branch rule to the login page?&nbsp;

the-messenger · Accepted Answer

&nbsp;As Stanislas_Piro2 has pointed out in several threads...- Add LDAP/AD query to get samAccountName- Added a Variable Assign session.logon.last.username = expr { "[mcget {session.ldap.last.attr.sAMAccountName}]" }(I've never been able to get SSO-Credential Mapping to change the username to sAMAccountName)From here APM will work with the samAccountName,&nbsp; just do AD Auth whatever else you need.Then I need to change the username back to UPN for the application.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

Forum Discussion

Add UPN to existing policy

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Add LTM to existing HA pair

Access policy, LTM policy and iRules

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Part 1 - Policy Creation)

Manage F5 BIG-IP Advanced WAF Policies with Terraform (Part 5 - Working with Policy Builder)

APM add 2 different types of RSA on the same policy