APM AD Query Search Filter options

Question

Good Morning&nbsp;
I have an AD Query used in a multi domain policy.  the policy appends domain so login is fine however, however the AD Query fails as some Users do not have a UPN.&nbsp;
IN the AD Query how can I tell it to search for one or the other?&nbsp;
Works for some (sAMAccountName=%{session.logon.last.username})
Need this for the others (CN=%{session.logon.last.username}) as that attribute is set for all.&nbsp;
thanks&nbsp;

josiah_39459 · Answer

Sounds like you need to use an Empty box in the VPE with branch rules to check the domain session variable (session.logon.last.domain usually, or wherever else you are storing it). Then you can send one group of users to one AD query and send the other group of users to the other one.

ruggerfly1 · Answer

For the 2nd AD Query will this work Search Filter?  Was thinking it might be LDAP only.  If so then I could use the variable based off domain and send UPN to AD Query, other to LDAP query.

(CN=%{session.logon.last.username})

josiah_39459 · Answer

There's no real reason to use AD query over LDAP query, so just go with the LDAP query.

ruggerfly1 · Answer

thank you!

Forum Discussion

APM AD Query Search Filter options

4 Replies

Recent Discussions

[ASM] - what is "Browser Challange file" ?

Rewrite uri translation not working

no available managed rule groups for Israel il-central-1

About shun list for L7 DDoS?

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

Kubernetes architecture options with F5 Distributed Cloud Services

How to search the latest security academic papers

F5 BIG-IP deployment with OpenShift - platform and networking options

F5 BIG-IP deployment with OpenShift - publishing application options