Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Local users account are not working in Big-iq.

F5_SJ
Cirrus
Cirrus

I have created local users account with administrator role and permissions in F5 Big-iq to run some tests.

When I logout and login again with the user that I created, big-iq was giving me authentication failure message in both gui and cli. I used the correct password, verified audit logs just says authentication failed with no explanation.

Is this some bug or is it normal behavior of big-iq not to allow any local account other than admin.

6 REPLIES 6

Paulius
MVP
MVP

@F5_SJ Any other local user that you create should work. Are you able to log in at all as this user or even the first login attempt doesn't work? Can you show us the settings for this new user?

@Paulius :The first login attempt is not working.

auth user new user {

encrypted password xxxx

partition Common

partition access {

     all-partition {

           role admin 

    }

}

shell tmsh

}

@F5_SJ Based on that output this user will not be able to log into CLI at all but should be able to log into the GUI. I created a user using the same settings as what you provided on a BIG-IQ that I have access to and I was able to log into the GUI. If you have remote authentication configured on your BIG-IQ you do have to click the drop down menu on the login page for the BIG-IQ and change it to "local" in order for it to work properly. If you do have remote authentication configured such as TACACS+ configured and you do not see this option at login it has been disabled in the configuration and you will have to enable the option to make the appropriate selection. Other than what has been mentioned here, if this doesn't work I recommend opening a case with F5 to see if they have a solution to your issue.

@Paulius thanks for the response, I am not able to login in both cli and gui. I don't have remote authentication enabled in big-iq, that's why I am surprised why it is not working, is it bcoz this is normal big-iq behavior or some bug.

 

@F5_SJ This could be a bug if your user has met password complexity and you still can't log in. I would open up a case with F5 to see if they can sort this out. Most likely they will want you to upgrade the code to the current supported so you might try that first. Since this device isn't critical to the functionality of the F5 devices it manages you might be able to perform the upgrade during business hours.

Thanks @Paulius I'll check it with support.