Bug ID 436861: SecurID configuration files cannot be synchronized between multiple devices in trust

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF2, 11.4.0 HF6

Opened: Nov 06, 2013
Severity: 2-Critical
Related Article:
K14931

Symptoms

If multiple APM devices are in a trust, it is not possible to perform an incremental sync of SecurID configuration files between them. The sync will fail with an error like this: Sync error <target device name>: Load failed from <source device name> 01070712:3: Caught configuration exception (0), verify_sync_result:() :Failed to sync files. - sys/validation/FileObject.cpp.

Impact

Sync operations on these files will fail.

Conditions

Any use of SecurID configuration files (tmsh section 'apm aaa securid <name> config-files') in a device group with 'full-load-on-sync false' (this is the default) will cause a sync failure.

Workaround

Use full load syncs to resolve the sync failure. In the GUI, run a sync with the 'Overwrite Configuration' box checked. In tmsh, run 'modify cm device-group <name> devices modify { <current device name> { set-sync-leader } }'.

Fix Information

Incremental synch of configuration files now work regardless of the sync type and prevent error messages for load failures.

Behavior Change