Khyler
Sep 03, 2021

Sideband call to IIS for password reset not working

I'm trying to set up a page where users can reset their own passwords by entering their username and receiving a one-time passcode to their email (domain password and email passwords are separate).

 

My current policy flow starts with a logon page with only the username field and a submit button, which puts the username into a session variable and uses that as the search base to populate the other attributes via an AD Query block.

 

It then generates an OTP and emails it to the email address stored in %{session.ad.last.attr.mail}, which was grabbed in the last step. The OTP is generated via %{session.otp.assigned.val}.

 

The policy then comes to another logon page where the user takes the OTP from their email and enters it in the field and submits.

 

Next is an OTP Verify block which verifies the OTP and presents either a success or failure message.

 

Here is where I'm having trouble:

I've created an iRule event after the success message, and set the ID to "sideband".

I'm not exactly sure where to place the iRule itself, so I've placed it on the VS that is connected to the access policy.

Here's the iRule that I've pieced together from the limited information I could find on sideband connections:

 

when ACCESS_POLICY_AGENT_EVENT {
    # Run only for the iRule Event agent whose ID is "sideband"
    if { [ACCESS::policy agent_id] == "sideband" } {
        # Open the sideband TCP connection to the IIS server
        set conn [connect -timeout 3000 -idle 30 -status conn_status 192.168.96.33:80]
        log local0. "Connect returns: <$conn> and conn status: <$conn_status>"
        # Build the request from the username captured on the first logon page
        set username [ACCESS::session data get {session.logon.last.username}]
        set data "GET /?username=$username HTTP/1.0\r\n\r\n"
        set send_info [send -timeout 3000 -status send_status $conn $data]
        set recv_data [recv -timeout 3000 -status recv_status $conn]

        close $conn
        log local0. "Closed; conn info: <[connect info -status $conn]>"
    }
}

 

I checked the stats on the iRule itself and can see that it's only been executed once, although I've tried to test this policy flow multiple times.

Any help would be great. I got this idea from another DevCentral post where this concept was introduced, but unfortunately not enough information was given on specifics.

 

Thanks all,

 

Cheers.
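
As an added example (not part of the original post and not F5's own code): a variant of the sideband iRule above that stops when the connection cannot be opened, URL-encodes the user-supplied username before it goes into the request line, and records the outcome so the policy can branch on it. The `Host` header value and the `session.custom.pwreset.result` variable name are assumptions.

```tcl
when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] ne "sideband" } { return }

    # Default outcome, readable later in the policy (variable name is an assumption)
    ACCESS::session data set session.custom.pwreset.result "failed"

    # The username is user-supplied: URL-encode it so characters such as
    # spaces or CR/LF are not placed raw into the request line
    set username [URI::encode [ACCESS::session data get session.logon.last.username]]
    if { $username eq "" } {
        log local0. "sideband: no username in session, skipping call"
        return
    }

    # connect returns an empty string when the connection cannot be opened
    set conn [connect -timeout 3000 -idle 30 -status conn_status 192.168.96.33:80]
    if { $conn eq "" } {
        log local0. "sideband: connect failed, status <$conn_status>"
        return
    }

    # Host header value is an assumption; an IIS site bound to a host name needs it
    set data "GET /?username=$username HTTP/1.0\r\nHost: 192.168.96.33\r\n\r\n"
    set sent [send -timeout 3000 -status send_status $conn $data]
    log local0. "sideband: sent $sent of [string length $data] bytes, status <$send_status>"

    set recv_data [recv -timeout 3000 -status recv_status $conn]
    close $conn

    # Log only the first line of the response, for example "HTTP/1.1 200 OK"
    set status_line [lindex [split $recv_data "\r\n"] 0]
    log local0. "sideband: recv status <$recv_status>, response <$status_line>"

    if { [string match "HTTP/1.? 200*" $status_line] } {
        ACCESS::session data set session.custom.pwreset.result "ok"
    }
}
```

The log lines show at which step (connect, send or receive) a given run stopped, and a branch rule on the result variable can keep the policy from showing a success page when the call to IIS did not return 200.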
