15-Feb-2023 09:25
I have created a local user account with the administrator role and permissions in F5 BIG-IQ to run some tests.
When I log out and log in again with the user that I created, BIG-IQ gives me an authentication failure message in both the GUI and the CLI. I used the correct password and verified the audit logs, which just say authentication failed with no explanation.
Is this some bug, or is it normal behavior of BIG-IQ not to allow any local account other than admin?
15-Feb-2023 11:05
@F5_SJ Any other local user that you create should work. Are you able to log in at all as this user or even the first login attempt doesn't work? Can you show us the settings for this new user?
15-Feb-2023 11:31
@Paulius: The first login attempt is not working.

    auth user new user {
        encrypted password xxxx
        partition Common
        partition access {
            all-partition {
                role admin
            }
        }
        shell tmsh
    }
15-Feb-2023 12:16
@F5_SJ Based on that output, this user will not be able to log into the CLI at all but should be able to log into the GUI. I created a user using the same settings as what you provided on a BIG-IQ that I have access to, and I was able to log into the GUI. If you have remote authentication configured on your BIG-IQ, you do have to click the drop-down menu on the login page for the BIG-IQ and change it to "local" in order for it to work properly. If you do have remote authentication such as TACACS+ configured and you do not see this option at login, it has been disabled in the configuration and you will have to enable the option to make the appropriate selection. Other than what has been mentioned here, if this doesn't work, I recommend opening a case with F5 to see if they have a solution to your issue.
15-Feb-2023 13:16
@Paulius Thanks for the response. I am not able to log in to either the CLI or the GUI. I don't have remote authentication enabled in BIG-IQ, which is why I am surprised that it is not working. Is it because this is normal BIG-IQ behavior or some bug?
15-Feb-2023 13:34
@F5_SJ This could be a bug if your user has met password complexity and you still can't log in. I would open up a case with F5 to see if they can sort this out. Most likely they will want you to upgrade the code to the current supported version, so you might try that first. Since this device isn't critical to the functionality of the F5 devices it manages, you might be able to perform the upgrade during business hours.
27-Feb-2023 08:54
Thanks @Paulius I'll check it with support.