Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP All, Install/Upgrade
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF3, 11.6.3
Opened: Nov 03, 2014 Severity: 3-Major Related Article:
K16977
Unable to load config after upgrade or reboot if the admin account is disabled and replaced with a custom user. The system posts the message: 01070829:5: Input error: can't create user, role partition mapping, user does not exist, username, Unexpected Error: Loading configuration process failed. On single-NIC virtual deployments, if the admin account is disabled and replaced with a custom user, the system will experience this issue any time the system is rebooted. Logs similar to the following may appear in /var/log/ltm: notice sod[6214]: 010c005e:5: Waiting for mcpd to reach phase base, current phase is platform. notice mcpd[4672]: 01070829:5: Input error: can't create user, role partition mapping, user does not exist, security err tmsh[7444]: 01420006:3: Loading configuration process failed. emerg load_config_files: "/usr/bin/tmsh -n -g load sys config partitions all base" - failed. -- 01070829:5: Input error: can't create user, role partition mapping, user does not exist, security Unexpected Error: Loading configuration process failed. err mcpd[4672]: 01070422:3: Base configuration load failed.
You cannot upgrade if the root admin account is disabled. On single-NIC virtual deployment configurations in version 12.0.0, the system fails to load the configuration after a reboot.
This occurs when upgrading or rebooting a system on which the root admin account is disabled and replaced with a custom admin user account. This occurs on single-NIC virtual deployments in version 12.0.0, when a system on which the root admin account is disabled and replaced with a custom admin user account is rebooted. To verify single-NIC is enabled: tmsh list sys db provision.1nic. To verify a custom administrator has been defined: tmsh list sys db systemauth.primaryadminuser.
There is no workaround for this issue. To resolve this issue, you can reboot the BIG-IP system back to the previous working boot location that has the admin user disabled. For single-NIC virtual deployments, you can re-enable the default admin user account. To do so, perform one of the following procedures: Impact of workaround: Since the BIG-IP System is already in the inoperative state, performing the following procedure should not have a negative impact on your system. Rebooting the BIG-IP system back to the previous working boot location: Log in to the Traffic Management shell (tmsh) by typing the following command: tmsh To reboot the BIG-IP system to the desired boot location, type the following command syntax: reboot volume <boot_location> Re-enabling the default admin user account on BIG-IP system (for single-NIC virtual deployments): Azure BIG-IP Virtual Edition (VE): Log in to tmshby typing the following command: tmsh Re-enable the default admin user account by typing the following command: modify /sys db systemauth.primaryadminuser value admin Re-load BIG-IP configuration by typing the following command: load /sys config Amazon Web Services BIG-IP VE: Log in to tmshby typing the following command: tmsh Re-enable the default admin user account by typing the following command: modify /sys db systemauth.primaryadminuser value admin Update the password for the default admin user by typing the following command syntax: modify /auth user admin password <password> Re-load BIG-IP configuration by typing the following command: load /sys config
Can now successfully load the configuration after upgrade if the admin account is disabled and replaced with a custom user, and no 'Input error: can't create user' error occurs.