Bug ID 537478: Password change is enforced on first boot, but new password isn't persisted to BIG-IP configuration.

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Opened: Aug 04, 2015
Severity: 3-Major

Symptoms

On first login, the auto-generated password is aged and password change is enforced, but the new password is not synced to the BIG-IP configuration. As a result on a subsequent configuration load, the password is reset to an auto-generated one.

Impact

Cannot log in with new password. Password returned to auto-generated one, which then expires.

Conditions

Configuration load after password change without intervening configuration save. Configuration is implicitly reloaded in many cases, including BIG-IP reboot, mcpd restart, license installation, and many more. If the first login happened before mcpd fully loads, subsequent mcpd starts invoke password reset.

Workaround

Enforce password change and save configuration after mcpd start. To change password again, run the command: tmsh modify auth user password. To save the configuration after password change, run the command: tmsh save sys config. Note: mcpd restart must be complete before running these commands.

Fix Information

None

Behavior Change