LDAP proxy - send write requests to a second pool member

Question

We are trying to migrate our LDAP users from eDirectory to AD. Using Novell DirXML, we can sync most LDAP attributes to AD, but not the passwords. We use LDAP for our web based application authentication using CA Siteminder. Using Siteminder, our external users change their passwords using a link inside our site. One solution to our problem could be an LDAP proxy that when it receives a LDAP modify command for the password attribute, it also sends the command to the AD LDAP server, in this way in time, the passwords get in sync between eDirectory and AD. Can F5 do this using iRules?  
&nbsp; Thanks.

nicolas_menant · Answer

Hi, 
&nbsp;  
&nbsp; You should be able to write a LDAP proxy to do this. You have an example of LDAP proxy here: Click here 
&nbsp;  
&nbsp; HTH &nbsp;

johns · Answer

I have a similar requirement with LDAP, where I need LTM to parse the request and send to 2 different pools based on OU.  If it is company.xyz.com, then it goes to pool1, and company.xyz.net, then pool2.  Looks like this is possible looking at the LDAP proxy rule referenced.   
&nbsp;  
&nbsp; Also, looks like the LDAP binding in the rule is using the client's credential, correct? 
&nbsp; Thanks.

Forum Discussion

LDAP proxy - send write requests to a second pool member

2 Replies

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

Logging DNS Requests

Distributed caching of authentication requests with NGINX Ingress Controller

DevCentral's Featured Member for February - Edouard Zorrilla

DevCentral's Featured Member for March - Thomas Dahlmann

DevCentral's Featured Member for April - Mihai Cziraki