Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1
Opened: Dec 08, 2022 Severity: 2-Critical
NTLM authentication may stop working after a TMM restart or upgrade. ECA debug logs similar to the following: Dec 8 06:25:44 bigip1 debug eca[18424]: 01620012:7: eca_module_ntlm.cpp:795 ntlm_cfg_process_op_find_set_cfg, err = ECA_ERR_NOT_FOUND Dec 8 06:25:44 bigip1 debug eca[18424]: 01620012:7: eca_module_ntlm.cpp:730 ntlm_cfg_handler, err = ECA_ERR_NOT_FOUND bigip1 err eca[18424]: 0162000e:3: Invalid argument (/Common/ntlm-f5lab-config) Dec 8 06:25:44 fbigip1 err eca[18424]: 0162000e:3: Invalid metadata (select_ntlm:/Common/ntlm-f5lab-config)
NTLM authentication problems, HTTP 503 error page returned to client.
TMM restart, upgrade
In the GUI, navigate to Access ›› Authentication : NTLM : NTLM Auth Configuration ›› affected-ntlm-config. Edit the FQDN, leave it the same, and save the configuration. or Run the following command: bigstart restart nlad
None