Bug ID 538663: SSO token login does not work due to remote role update failures.

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0

Fixed In:
12.1.0, 12.0.0 HF1, 11.6.1

Opened: Aug 07, 2015
Severity: 3-Major
Related AskF5 Article:
K17505

Symptoms

SSO token login does not work due to remote role update failures.

Impact

Incorrect role assignment causing SSO login to not work. The system posts messages similar to the following: -- notice mcpd[6165]: 01070829:5: Input error: Remote user message dropped (adm184789 in [All]) because duplicate partition. -- err mcpd[6165]: 01070827:3: User login disallowed: User (adm184789) is not an administrator, does not have a UID of zero, and has not been assigned a role on a partition.

Conditions

SSO between Enterprise Manager (EM) and a BIG-IP system using a third party authentication system, such as LDAP.

Workaround

Login using remote user credentials on the BIG-IP system. This properly updates the role for the remote user.

Fix Information

SSO token login now works with the correct role assignments to a remote user.

Behavior Change