Bug ID 743475: Upgrades from releases earlier than 13.1.1 may fail when AD servers are invalid

Last Modified: Jul 03, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM, Install/Upgrade(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 15.0.0

Opened: Sep 10, 2018
Severity: 3-Major

Symptoms

If an invalid Active Directory (AD) server is configured, upgrades to releases 13.1.1 and later might fail due to MCP validation that validates the AD server. The system reports an error in audit log (/var/log/audit): -- 01071d05:3: <domain-controller> is not a valid IP address or hostname.

Impact

Upgrade fails.

Conditions

Upgrade to 13.1.1 or later with invalid AD server configured.

Workaround

You can use either of the following workarounds: -- Boot back into the previous volume and modify the Authentication AD domain controller to ensure that 'Hostname' under Domain Controllers is defined using FQDN. -- Alternatively, edit the bigip.conf configuration file within the upgraded volume to correct the issue, save the file, and reload the configuration. apm aaa active-directory /Common/ad-controller { admin-encrypted-password <xxxxxxxxxxxxxxx> admin-name admin domain example.local domain-controller <xxxxxx> <----------- Must be defined using FQDN domain-controllers { example { ip 192.168.1.50 } } use-pool disabled }

Fix Information

None

Behavior Change