Forum Discussion

jasonstielow_24's avatar
jasonstielow_24
Icon for Nimbostratus rankNimbostratus
Dec 28, 2015

iRule that redirects based on LDAP attribute

All,

I am new to iRules so if this question has been answered I apologize.  I am looking to write an iRule based on an LDAP attribute.  Basically if the attribute = staff then they will be redirected to abc.com.  If the attribute = student they are redirected to xyz.com.  Can someone help in this scenario?  If this has been answered please point me to the thread as I am unable to find it.
application delivery
irule
iRules
LTM

5 Replies

Sort By
  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Dec 28, 2015

    Hi,

     

    which product are you using??? APM?

     

    if it is APM, you can assign pool members based on LDAP attributes in VPE...

     

  • jasonstielow_24's avatar
    jasonstielow_24
    Icon for Nimbostratus rankNimbostratus
    Dec 29, 2015
    We are trying to create an iRule that will route the traffic based on an LDAP query. Here is the scenario. 1.User navigates to https://webmail.cuw.edu (This is a VIP on the F5 LTM) 2.The VIP load-balances to two servers that offer up a LDAP login page. 3.Based on the LDAP account the user will get routed to one of two locations. If they are staff they will be routed to the internal Outlook server. If they are a student they will get routed to a cloud based Outlook solution. 4.In both instances the user login credentials need to be passed to the email destination so they do not have to login again.
  • jasonstielow_24's avatar
    jasonstielow_24
    Icon for Nimbostratus rankNimbostratus
    Dec 29, 2015

    Ok, we have enabled the limited use of APM to see if we can get this working, can someone help me in how to configure APM for this scenario?

     

  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Dec 31, 2015

    Hi Jason,

     

    you could also try to put the LDAP query onto an internal web server and use some iRule based Sideband connection to access the query page results. It wouldn't require APM but some developing skills.

     

    BTW: I'm somewhat sure that iRuleLX would support your LDAP query, too. But didn't played that much with this shiny feature to be sure.

     

    Cheers, Kai