we are using the Loop "function" in a APM policy to handle the Login page
in this loop we need to separate different possible login methods (email, loginname,….) which we do in a iRule.
We found...
what we do first is to give to user the option to login with the username, email upn and also older Domain\Username versions, second if we have identified the user we need to know the country (for only one special country) to authenticate on a other DC. We have a iRule Event after the Logon Page and there we get the username from the logonpage
set logonname [string trim [string tolower [ACCESS::session data get {session.logon.last.username}]]]
and after all the logic we set the logontype and the required field via
ACCESS::session data set
.
Via the BranchRules (of the Irule Event) and the logontype we choose different LDAP Query with corresponding SearchFilter using the Values set in the iRule
I also opened a Case and uploaded a qkview to ihealth