Bug ID 711158: Admin user roles automatically demoted to guest

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
13.0.1, 13.0.0,,, 12.1.5,, 12.1.4,,,,,,,, 12.1.3

Opened: Mar 21, 2018

Severity: 3-Major

Related Article: K25280801


Newly created admin users are immediately demoted to guest.


In a few seconds, the newly created admin user account reverts to a guest role. User does not have the expected admin access.


-- A sync-failover device group exists. -- The REST framework's 'gossip' mechanism is configured. -- Create a new admin user using a command similar to the following examples: tmsh ----- tmsh create auth user test123 password **** partition-access add { all-partitions { role admin } } GUI ----- via WebUI System menu :: Users User Name: test123 Password: **** Confirm: **** Role: Administrator Partition: All Click Finish button Note: Correct REST framework 'gossip' mechanism configuration should occur automatically, but might not be ready. You can confirm whether this is the case by running the following command: restcurl shared/resolver/device-groups/tm-shared-all-big-ips/devices. The output must show all your devices, and show that they all have the same 'version' and the same 'restFrameworkVersion'.


On the primary BIG-IP system, do the following: 1. Disable failover by running the following command: restcurl -X PATCH tm/shared/bigip-failover-state -d '{"isEnabled": false}' 2. Clear REST devices from the device group by running the following command: restcurl -X DELETE shared/resolver/device-groups/tm-shared-all-big-ips/devices

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips