Bug ID 492122: Now Windows Logon Integration does not recreate temporary user for logon execution each time

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1, 11.6.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0, 12.0.0, 11.6.1, 11.5.4 HF2

Opened: Nov 20, 2014

Severity: 3-Major

Related Article: K42635442

Symptoms

Temporary user 'f5 Pre-Logon User' is created and deleted each time it is used which prevents the performance of domain operations like adding that user to specific domain group or setting properties because the SSID changes every time.

Impact

As a result, it is impossible to manage the temporary user 'f5 Pre-Logon User'.

Conditions

This happens when both of these conditions exist: 1. Windows Logon Integration is used. 2. Enforce access policy execution option is selected.

Workaround

None

Fix Information

Now the 'f5 Pre-Logon User' is created only once, which allows a Domain or System Administrator to manage it, because the SSID does not change. When the user is no longer required (that is, when the logon process is complete), 'f5 Pre-Logon User' is disabled and remains disabled until the next usage.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips