29-Mar-2022 05:52
I've seen THIS THREAD and although helpful in understanding the syntax, it did not help for my specific situation.
We have an IdP that authenticates users via their uid. As such, I've configured the searchFilter as uid=%{session.logon.last.username} and this is currently working well. However, I'm trying to give the end user the flexibility of entering either sAMAccountName || email || uid. I'm looking for something similar to this logic:
get details of user where %{session.logon.last.username} matches sAMAccountName || email || uid
send uid of matched user to RADIUS
If this is doable, how?
01-Apr-2022 02:47 - edited 01-Apr-2022 02:47
Hello ak2766.
Have you tested with this sentence in your searchFilter field?
(|(uid=%{session.logon.last.username})(email=%{session.logon.last.username})(sAMAccountName=%{session.logon.last.username}))
Also, my recommendation is to use the ldapsearch command to check if the query is getting all that you need and after that, translate it to the LDAP/AD query.
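Added example, not part of the original posts or of any vendor code: a Python model of how the OR filter suggested above resolves a login value to a uid, including the case where the value matches different attributes on two entries and no single uid can be sent to RADIUS. The directory entries, function names and case-insensitive comparison are assumptions made for illustration.

```python
from __future__ import annotations

# RFC 4515 escapes for characters that are special inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
ATTRS = ("uid", "email", "sAMAccountName")  # attribute names as used in the thread


def escape_value(value: str) -> str:
    """Keep user input literal when it is placed inside a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(login: str) -> str:
    """Expand the OR filter as it looks once the login value is substituted."""
    v = escape_value(login)
    return "(|" + "".join(f"({a}={v})" for a in ATTRS) + ")"


def resolve_uid(login: str, entries: list[dict]) -> str | None:
    """Return the uid of the single entry matching login on any of ATTRS.

    Comparison is case-insensitive (assumption: the directory uses
    case-ignore matching for these attributes). More than one matching
    entry is reported as an error instead of picking one.
    """
    wanted = login.casefold()
    hits = [e for e in entries
            if any(e.get(a, "").casefold() == wanted for a in ATTRS)]
    if len(hits) > 1:
        raise LookupError(f"{len(hits)} entries match {build_filter(login)}")
    return hits[0]["uid"] if hits else None


# Constructed sample directory (not real accounts). The second entry's
# sAMAccountName equals the third entry's uid on purpose.
DIRECTORY = [
    {"uid": "u1001", "email": "alice@example.com", "sAMAccountName": "alice"},
    {"uid": "u1002", "email": "bob@example.com", "sAMAccountName": "bsmith"},
    {"uid": "bsmith", "email": "bea@example.com", "sAMAccountName": "bea"},
]

if __name__ == "__main__":
    for login in ("alice", "bob@example.com", "u1001", "nobody", "bsmith"):
        try:
            print(login, "->", resolve_uid(login, DIRECTORY))
        except LookupError as exc:
            print(login, "-> ambiguous:", exc)
```

The string returned by build_filter() can be passed as the filter argument when checking the query with ldapsearch; a result with more than one entry corresponds to the ambiguous case here.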