Bug ID 544906: Issues when using remote authentication when users have different partition access on different devices

Last Modified: Dec 15, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.0.1, 12.1.3, 11.6.3

Opened: Sep 09, 2015
Severity: 3-Major
Related AskF5 Article:


User validation failing when adding a partition when the [All] partition already exists, or when adding [All] partition if a specific (non-All) partition is already configured for that user. For example, on config sync, the system might post an error similar to the following: error 01070821:3: User Restriction Error: Once configured for specific partition(s), user cannot have [all].


The system posts User Restriction Errors and operations (such as config sync) fail.


Devices configured for remote authentication. User A on device 1 with role on all-partitions. User A on device 2 with role restricted to a single partition. Perform operation that involves accessing partitions on each device. For example, a config sync operation. The config sync issue occurs because one device is trying to sync an [All] partition to a peer that has a non-All partition already configured for a user.


Switch to local authentication on device 1 to perform operations on multiple devices on which a single user has different partition access configured. After completing the operations, switch back to remote authentication on device 1.

Fix Information

User authentication completes successfully for operations on multiple devices on which a single user has different partition access configured.

Behavior Change