So we have an issue where it sometimes takes us multiple times to log into the GUI interface of our LTMs. Even if our username and password are correct, it will still hang or say "login failed" until we try again and then eventually, we are allowed in. Any ideas as to why this happens?
We are using Remote Role Groups and LDAP Auth. No Local
Did you check the audit logs for failed attempts? Logs are available at /var/log/audit
I did. It said something along the lines of info httpd(pam_audit): 01234567:8: AUDIT - user username - RAW: httpd(pam_audit): User=j.smith tty=(unknown) host=10.10.10.10 failed to login after 1 attempts (start="Mon Jan 1 12:00:00 2019" end="Mon Jan 1 12:00:02 2019").
I saw that this article explained that this was a bug inside the BIG-IP system: https://support.f5.com/csp/article/K54339562. But we're on version 14.x.x.x, which it was supposed to be patched in. Is that still the case?
Are you on 188.8.131.52 or higher within 14? Then it should be fixed indeed.
A packet capture on the LDAP traffic might be useful. Is it indeed a timeout issue or something else?
I'm thinking it is a timeout issue with our F5 having issues talking to our DCs. I'm thinking it might be hard because we also use LDAP as Authentication for some of our APMs. I'll definitely try that out.
Ah yeah, that complicates things some. Still, if you capture full traffic you can search on the admin username. Just be sure they don't also log in to APM at the same time.
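Added example, not part of the thread and not F5 code: a small Python parser for audit entries shaped like the one quoted above, which measures how long each failed login took so that quick rejections can be told apart from failures that waited on the authentication backend. The sample lines are constructed, and the `slow_after` threshold is an assumption to tune against your own LDAP timeout settings.

```python
import re
from datetime import datetime

# Field layout taken from the audit line quoted in the thread.
FAILED = re.compile(
    r'User=(?P<user>\S+) tty=\S+ host=(?P<host>\S+) failed to login after '
    r'(?P<attempts>\d+) attempts '
    r'\(start="(?P<start>[^"]+)" end="(?P<end>[^"]+)"\)'
)
TS = "%a %b %d %H:%M:%S %Y"

PREFIX = "info httpd(pam_audit): 01234567:8: AUDIT - user username - RAW: httpd(pam_audit): "
# Constructed sample input (not real log data).
SAMPLE = [
    PREFIX + 'User=j.smith tty=(unknown) host=10.10.10.10 failed to login after 1 attempts '
             '(start="Tue Jan 1 12:00:00 2019" end="Tue Jan 1 12:00:02 2019").',
    PREFIX + 'User=j.smith tty=(unknown) host=10.10.10.10 failed to login after 1 attempts '
             '(start="Tue Jan 1 12:05:00 2019" end="Tue Jan 1 12:05:30 2019").',
    PREFIX + 'User=a.jones tty=(unknown) host=10.10.10.11 failed to login after 1 attempts '
             '(start="Tue Jan 1 12:06:10 2019" end="Tue Jan 1 12:06:11 2019").',
    "constructed unrelated line that must be skipped",
]

def parse_failures(lines):
    """Return one dict per failed-login entry, with its duration in seconds."""
    failures = []
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # not a failed-login entry
        start = datetime.strptime(m["start"], TS)
        end = datetime.strptime(m["end"], TS)
        failures.append({
            "user": m["user"],
            "host": m["host"],
            "attempts": int(m["attempts"]),
            "seconds": (end - start).total_seconds(),
        })
    return failures

def summarize(failures, slow_after=10.0):
    """Per user, count failures below and at/above the slow_after threshold (assumed value)."""
    summary = {}
    for f in failures:
        bucket = summary.setdefault(f["user"], {"fast": 0, "slow": 0})
        bucket["slow" if f["seconds"] >= slow_after else "fast"] += 1
    return summary

if __name__ == "__main__":
    for user, counts in summarize(parse_failures(SAMPLE)).items():
        print(user, counts)
```

A cluster of slow failures for accounts with known-good credentials is worth correlating with the LDAP packet capture suggested above; fast failures need a different explanation.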