Bug ID 2202281: Primary Admin DB Change to Non-Existing User Results in Admin User Lockout

Last Modified: Jun 13, 2026

Affected Product(s):
BIG-IP LTM(all modules)

Fixed In:
17.5.1.6, 17.1.3.2

Opened: Jan 19, 2026

Severity: 3-Major

Symptoms

When the `systemauth.primaryadminuser` value is changed to a non-existing user, the primary admin value is updated to the non-existing user, resulting in an admin user lockout scenario.

Impact

-- The admin user becomes disabled, logged out of TMUI and TMSH, and is unable to log back in. -- If the root account login is also disabled, both the root and admin users are logged out of the system.

Conditions

When a user does not existing in the system and primary admin value is changed to non existing user value.

Workaround

None

Fix Information

When the primary admin DB is udated below operations takes place; in case of failure to update sys db these will get rollbacked. -> Writes localusers file -> Writes URP file -> Clears PAM cache -> Writes f5_public file

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips