Forum Discussion
No AD authentication after upgrading to BigIP-V12HF1
Hi,
I am in the middle of an upgrade of our BigIP units (HA pair) from 11.6HF4 to 12HF1.
The units have taken the previous configuration and did so without any errors. Post upgrade, we are unable to log into the units with our AD credentials, only with the local admin account.
Has anyone experienced this before, and if so, how do I get round it?
Thanks
5 Replies
- Alok_01_141528
Nimbostratus
I have experienced the same... tried some tweaks but not restored yet.
- ssmbs_284761
Nimbostratus
Necroposting this years later. I recently had this issue, upgrading from 13.x to 14.x. From tmsh I enabled the admin user: modify auth user admin prompt-for-password
Once I logged in to the GUI as admin, I could manually re-add the users for the GUI. This is not optimum. I am working with support now for a resolution.
- wlopez
Cirrocumulus
Were you originating AD authentication from the management port before the upgrade?
I've seen cases on earlier versions where administrative traffic that was previously being originated from the management port started using the service interfaces on the default route on the default routed domain %0 after the upgrade, instead of the default route on the management interface.
Have you done any packet captures to see the F5 attempts to connect to AD?
If you do the captures and validate that's the situation, you can use this article:
https://support.f5.com/csp/article/K13284
- ssmbs_284761
Nimbostratus
Thanks for the answer. I did a capture and sent it to support, have not yet heard back. I can look at the management port on the one that is online (this is a HA pair):
root@(dc2-bigip-test)(cfg-sync Disconnected)(Active)(/Common)(tmos) list /sys management-ip
sys management-ip 10.10.29.60/24 {
    description configured-statically
And this is the management port of the one that is offline (that we are working on).
root@(dc1-bigip-test)(cfg-sync Disconnected)(ForcedOffline)(/Common)(tmos) list /sys management-ip
sys management-ip 10.10.29.59/24 {
    description configured-statically
}
So, they at least exist! Looking at the pcap file I generated/sent, I can at least see LDAP communication between our BigIP and the domain controller (for our AD) that says, "success".
- ssmbs_284761
Nimbostratus
I did just now hear back from support:
The BIG-IP is using TMM interfaces to communicate to the configured LDAP AD servers and we don't see any issue in terms of connectivity between them.
It seems that is not the problem, but thanks for the information.
