Last Modified: Aug 01, 2024
Affected Product(s):
F5OS F5OS
Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0, F5OS-A 1.5.0, F5OS-A 1.4.0
Opened: Aug 15, 2022 Severity: 2-Critical
An LDAP user configured with groups for both admin and operator roles only receives operator permissions.
A user with this config would be assigned only operator permissions.
LDAP user configured with gidNumber assignments for both admin and operator roles.
Only configure the gidNumber for the desired role in LDAP for the user. Do not configure multiple roles for the same user.
There was an error in the NACM rules for ConfD config. The role logic has been fixed.