Am looking for a way to modify the cn of a LDAP bind request

Question

Am looking for a way to modify the cn of a LDAP bind request &nbsp;
&nbsp;Hoping it is possible for an iRule to rewrite a request from Novell eDirectory to Active Directory.&nbsp;
&nbsp;ie change 'cn=rauth,ou=pco,o=tetv' to rauth@acd.domain.&nbsp;&nbsp;
&nbsp;Hoping someone can lead me in the right direction, I can not find anything in the forums.&nbsp;&nbsp;
&nbsp;Thankyou

garth_ladlow_32 · Answer

I have the following which is close but it errors with the valid password&nbsp;
&nbsp;when CLIENT_ACCEPTED {  
&nbsp;    TCP::collect 
&nbsp;}&nbsp;
when CLIENT_DATA {&nbsp;
&nbsp;      set payload [TCP::payload] 
&nbsp;  
&nbsp;     regsub -all "cn=rad,ou=pco,o=etv" $payload "cn=rad,ou=earth,ou=thirdplanet,dc=aus,dc=somewhere" payload
&nbsp; 
&nbsp;     TCP::payload replace 0 [TCP::payload length] $payload&nbsp;
  TCP::release
&nbsp;  TCP::collect
&nbsp;}&nbsp;

hooleylist · Answer

Hi Garth, 
&nbsp;  
&nbsp; I imagine you could parse the TCP data to do this, but I haven't tried something like this before.  Joe added a great Codeshare example which parses LDAP requests to separate read and write requests.  You could use this as a start: 
&nbsp;  
&nbsp; http://devcentral.f5.com/wiki/default.aspx/iRules/LDAPProxy.html 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Am looking for a way to modify the cn of a LDAP bind request

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

A look on APT operations and using F5 BIG-IP features for mitigation

Looking for Setup Advice

BIG-IQ Applicaiton Service emails looking to modify email content to include a link

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests