Manual Chapter :
About AD Group Lookup
Applies To:
Show Versions
BIG-IP APM
- 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
About AD Group Lookup
An AD Group Lookup item can branch based on Active Directory group. The item provides one default advanced branch rule expression, , as an example.
expr
{ [mcget
{session.ad.last.attr.primaryGroupID
}] == 100
}A branch rule expression can include any populated session variable, such as is a valid expression.
session.ad.last.attr.primaryGroupID
, session.ad.last.attrmemberOf
, session.ad.last.attr.lastLogon
, session.ad.last.attr.groupType
, session.ad.last.attr.member
, and so on. As an example, expr
{ [mcget
{session.ad.last.attr.memberOf
}] contains "CN=Administrators"
An AD Query action can populate the session variables.
