Bug ID 1437765: Restoration of system configuration database may fail if admin user was previously modified

Last Modified: Oct 21, 2024

Affected Product(s):
F5OS F5OS-A(all modules)

Known Affected Versions:
F5OS-A 1.5.1

Fixed In:
F5OS-A 1.8.0, F5OS-A 1.5.2

Opened: Dec 12, 2023

Severity: 3-Major

Symptoms

The restoration of the System Configuration Database fails with this error: appliance-1(config)# system database config-restore name config_database1 proceed yes Error: access denied Database config-restore failed.

Impact

Unable to restore the System Configuration Database.

Conditions

In F5OS-A 1.5.1, the expiry status of the ‘admin’ user has been modified even before the System Configuration Database is saved and restored on the device that is currently installed after RMA/factory or F5OS clean install.

Workaround

1. In F5OS-A 1.5.1, it is recommended not to lock or modify the expiry status of the ‘admin’ user on the RMA/factory or clean installed appliance. If modified, enable the user before taking the backup. 2. Edit the System Configuration Database backup file. For the admin and root user, remove the next line which is highlighted by the arrow, then restore the configuration using the modified file: <username>admin</username> <config> <username>admin</username> <password><REMOVED></password> <last-change>0</last-change> <expiry-date>-1</expiry-date> <role>admin</role> <expiry-status>enabled</expiry-status> <---

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips