For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mike_Harpe_6170's avatar
Mike_Harpe_6170
Icon for Nimbostratus rankNimbostratus
Feb 25, 2011

SharePoint 2007 with DoD CAC authentication

I have a Sharepoint 2007 installation that wants to convert to CAC authentication. We have a BIG-IP LTM running the 9.4.8 code and the ACA module.     I need some guidance on what gets setup whe...
microsoft
partner
Anthony_Graber's avatar
Anthony_Graber
Icon for Employee rankEmployee
Nov 07, 2013

Carlos,

You can use this iRule, applied to the virtual server, and change the ID in the VPE to CERTPROC.

    when ACCESS_POLICY_COMPLETED {
    ACCESS::session data set session.logon.last.username [ACCESS::session data get "session.ldap.last.attr.sAMAccountName"]
}
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "CERTPROC" } {
    if { [ACCESS::session data get session.ssl.cert.x509extension] contains "othername:UPN<" } {
        ACCESS::session data set session.custom.upn [findstr [ACCESS::session data get session.ssl.cert.x509extension] "othername:UPN<" 14 ">"]
    }
    }
}
Shaun_Simmons's avatar
Shaun_Simmons
Icon for Employee rankEmployee
Feb 27, 2020

Dude ... 6 years ago, is still relevant today for SharePoint 2016 ha! Thank you for posting!! You Rock!