Forum Discussion
Hi Mark, Walter is right, although we've found that the APM LDAP Query action works best for this. You need to set up a query against your AAA server where the search filter is (sAMAccountName=%{session.logon.last.username}) and the required attributes are distinguishedName, sAMAccountName, and userPrincipalName. The searchDN should be the base OU where the users are located.
Then, you use a Variable Assign action to set the required variables:
Variable: session.logon.last.domain
Expression: expr { [string toupper [string map -nocase {,dc= .} [string range [mcget {session.ldap.last.attr.distinguishedName}] [expr [string first ",DC=" [mcget {session.ldap.last.attr.distinguishedName}] 0] +4] end ] ] ]}
Variable: session.logon.last.username
Expression: mcget {session.ldap.last.attr.sAMAccountName}