cancel
Showing results for 
Search instead for 
Did you mean: 

Direct to pool or VS based on logon domain

The-messenger_1
Nimbostratus
Nimbostratus

I have a login page where users can select from 2 Active Directory domains, one will get a page with a menu of options, for the other I would like to send them to a specific pool or VS, whichever is better.

 

What's the best way to do this?

 

VPE decision? Irule?

 

3 REPLIES 3

The-messenger
Cirrus
Cirrus

DomainA is top DomainB is bottom.

 

Users in DomanB are directed to the VS/pool. Users in Domain should get redirected to a separate VS or redirect to a host.

 

0691T000006Aq8ZQAS.png

 

The VS/Pool for DomainB is simply a landing page for SSO to other resources. Users in DomainA only have access to one of those resources, so I want to take them directly to that resource.

 

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

You can use VPE pool assignment (from pool assign help)

 

Pool Assignment

 

In a per-session policy, the Pool Assign agent enables session-based pool selection from among valid pools in this priority order: a pool selected by an iRule that is defined for the virtual server takes precedence over any other; a static pool defined in the Pool Assign agent takes precedence over a static pool defined for the virtual server.

 

In a per-request policy, the Pool Assign agent enables request-based pool selection for reverse proxy (LTM+APM) configurations only. In a per-request policy, the pool specified by the Pool Assign agent is assigned.

 

or use an irule

 

when ACCESS_ACL_ALLOWED { if {[ACCESS::session data get session.logon.last.domain] equals Domain_A} { pool pool_A } else { pool pool_B }

The-messenger
Cirrus
Cirrus

This iRule got it for me.

 

when HTTP_REQUEST { if {[ACCESS::session data get session.logon.last.domain] equals "domain1"} { HTTP::header replace Host "target.host.com" HTTP::redirect ";; }

 

}