Forum Discussion
NimbostratusRemote Role configuration - Terminal Access
Hi all,
I've started looking again at LDAP authentication for our F5's again.
I've got th LDAP group set up and can log in just fine. But its the Terminal Access which is bugging me. I don't want TMSH, but I do want something, but I just can't find a value that is accepted when you select Other from the drop down list.
All users in the LDAP group are administrators, so full access is required. When the accounts were set up individually, Advanced Shell would be used - so this would be ideal.
Thanks in advance.
Ant
10 Replies
- nitass
Employee
All users in the LDAP group are administrators, so full access is required. When the accounts were set up individually, Advanced Shell would be used - so this would be ideal.i understand advanced shell is not an option.
sol10272: Accessing the bash shell as a remotely authenticated user
http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10272.html 
AnthonyThanks very much nitass, I will have a read.
Ant- AnthonyOk that works fine.
Do you happen to know if there is a way to execute the run /util bash command upon login, much like a .profile file?
Thanks again,
Ant - nitassDo you happen to know if there is a way to execute the run /util bash command upon login, much like a .profile file?i am not aware of it. anyway, in case of bigpipe, you may have a look "/usr/bin/bpsh" script file but, you know, modifying file content is not officially supported.
by the way, there is request for enhancement to allow bash for remote user as below. you may open a support case to expedite the process.
ID358740 - RFE Allow bash as a shell option for remote users - AnthonyHi, I stumbled upon a topic which recommended changing the /etc/passwd file and adding a line in the for the remote log in name such as:
my_remote_user:x:0:0:my_remote_user:/home/my_remote_user:/bin/bash
I have done this and it works just fine for what I need so I'm happy now. I think the shell option for remote users would be advantageous though in a future release.
Thanks again for your help as always!
Ant - Kevin_StewartJust remember that it'll get overwritten if you modify the accounts in the GUI or via TMSH.
- nitassI stumbled upon a topic which recommended changing the /etc/passwd file and adding a line in the for the remote log in name such as:
my_remote_user:x:0:0:my_remote_user:/home/my_remote_user:/bin/bash if i do not misremember, you can create local user via gui or tmsh, password will be checked against ldap server (i.e. local user password is not used) but local user shell will be used. 
Mathew_58740iS THERE ANY OPTION THAT IT CAN BE AUTHENTICATED WITH REMOTE USER ITSELF WITHOUT CONFIGURING THE USERS IN F5
- Mathew_58740
iS THERE ANY OPTION THAT IT CAN BE AUTHENTICATED WITH REMOTE USER ITSELF WITHOUT CONFIGURING THE USERS IN F5
- Mathew_58740
iS THERE ANY OPTION THAT IT CAN BE AUTHENTICATED WITH REMOTE USER ITSELF WITHOUT CONFIGURING THE USERS IN F5
