Bug ID 492122: Now Windows Logon Integration does not recreate temporary user for logon execution each time

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8

Fixed In:
12.0.0, 11.6.1, 11.5.4 HF2

Opened: Nov 20, 2014
Severity: 3-Major
Related Article:
K42635442

Symptoms

Temporary user 'f5 Pre-Logon User' is created and deleted each time it is used which prevents the performance of domain operations like adding that user to specific domain group or setting properties because the SSID changes every time.

Impact

As a result, it is impossible to manage the temporary user 'f5 Pre-Logon User'.

Conditions

This happens when both of these conditions exist: 1. Windows Logon Integration is used. 2. Enforce access policy execution option is selected.

Workaround

None

Fix Information

Now the 'f5 Pre-Logon User' is created only once, which allows a Domain or System Administrator to manage it, because the SSID does not change. When the user is no longer required (that is, when the logon process is complete), 'f5 Pre-Logon User' is disabled and remains disabled until the next usage.

Behavior Change