Last Modified: Mar 21, 2019
See more info
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2
Opened: Mar 14, 2016
Related AskF5 Article: K34082034
Configuring alternate admin user fails on multi-blade VIPRION chassis and will prevent newly added blades from being available to process traffic. If default admin on primary is disabled and you are on a chassis with at least two blades. After disabling the default admin on the primary and configuring an alternate, mcpd on secondary blades goes into a restart loop, and posts error messages similar to the following in /var/log/ltm: warning mcpd: 01071859:4: Warning generated : WARNING! Role no-access will lockout the user admin-primary2. warning mcpd: 01071859:4: Warning generated : WARNING! Role no-access will lockout the user admin-secondary1. warning mcpd: 01071859:4: Warning generated : WARNING! Role no-access will lockout the user admin-secondary2. err mcpd: 010718e7:3: The requested primary admin user (admin-primary1) must have a password set. err mcpd: 01070734:3: Configuration error: Configuration from primary failed validation: 010718e7:3: The requested primary admin user (admin-primary1) must have a password set.... failed validation with error 17242343. In this example, admin-primary1 is the default admin user set in the GUI under System :: Platform :: Admin Account, admin-primary2, admin-secondary1 and admin-secondary2 are other admin users on the device, but they are not configured as the default admin user.
mcpd in a restart loop on secondaries.
Chassis with multiple blades; alternate primary admin is set on the primary blade.
There is no workaround that will allow you to use a different primary admin user on BIG-IP software versions affected by this issue. To stop secondary blades from restarting in a loop, issue the following commands on your primary blade, which should be stable at this time: # tmsh modify sys db systemauth.primaryadminuser value admin # tmsh save sys config
Configuring an alternate admin user now works as expected on multi-blade VIPRION chassis.