Forum Discussion

Khyler's avatar
Khyler
Icon for Altostratus rankAltostratus
Jan 21, 2021

Is it possible to do a secondary query in VPE?

Currently, the manager attribute is mapped in an AD Query object under required attributes, however, that returns the distinguished name for the user's manager.

 

I have a piece of custom code to trim/format that and turn it into just firstname(space)lastname, but one of our applications is looking for sAMAccountName.

 

Is there any way to query AD a second time (probably without the custom formatting, since we have some users with the same first/last names) so that it will return the manager's username and put that into a custom session variable?

 

I'm open to custom TCL code that can be placed in the VPE flow, or if it's possible to do with an iRule i'm happy with that as well.

 

Any help would be greatly appreciated.

6 Replies

  • Hi,

     

    You can perform the AD query as many times as you like. Also with and without custom formatting.

    Just add the extra AD query agent in your policy in the correct place.

     

    Cheers,

     

    Kees

    • Khyler's avatar
      Khyler
      Icon for Altostratus rankAltostratus

      ok so say i'm logging in, the original AD query pulls my "manager" attribute, and returns the distinguished name "CN=John Smith,OU=something,OU=something, etc.", how do i then use another AD query as you're saying, to pull John Smiths' samaccountname?

      • You could do this in the first query. Add the sAMAccountname in the required attributes (see screenshot).