Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3
Fixed In:
15.1.0, 15.0.1.4, 14.1.2.5, 13.1.3.5
Opened: Jul 25, 2018 Severity: 3-Major
'Invalid username or password.' error on the /mgmt/toc page after configuring remote authentication.
Cannot configure remote authentication. After configuring remote authentication, you can login to the mgmt/toc area with the admin user, but using a remote auth user ended up with 'You are not authorized to use this resource'.
When remote auth is configured.
On BIG-IP versions since 14.1.0.6 and 13.1.1.5: Enable 'Fallback to Local' in the remote auth config section on the BIG-IP system: tmsh modify auth source fallback true. Both local BIG-IP user 'admin' and LDAP user are now able to authenticate and access https://XX.XX.XX.XX/mgmt/toc. On other versions of BIG-IP software, there is no workaround.
When source type is set to a remote auth method, login now succeeds. If the remote server is unavailable, authentication now falls back to local authentication, if authentication source fallback is set to true.
This release allows fallback to local authentication. When the authentication source type is set to a remote authentication source, if the remote server is unavailable, authentication now falls back to local authentication, if authentication source fallback is set to true.