Forum Discussion

ksuuk's avatar
ksuuk
Icon for Nimbostratus rankNimbostratus
Nov 21, 2014

tmsh command to add users into /config/bigip/auth/localusers file?

Hi.

I'm using LDAP remote authentication for users and now I need add some service accounts, with bash shell, so local accounts is the only way to add such users, however, they must bypass LDAP remote authentications. Adding them (manually editing it) into /config/bigip/auth/localusers does the job:


 THIS IS AN AUTO-GENERATED FILE - DO NOT EDIT!!!

 Use the tmsh shell utility to make changes to the system configuration.
 For more information, see tmsh -a help auth user.
root
admin
user1
user2

But how to add users into /config/bigip/auth/localusers with tmsh? I can't find such tmsh command.

management
security

4 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 21, 2014
    can you try this? if i do not misremember, you can create local user via gui or tmsh, password will be checked against ldap server (i.e. local user password is not used) but local user shell will be used. Remote Role configuration - Terminal Access   https://devcentral.f5.com/s/feed/0D51T00006j3DjKSAU
  • ksuuk's avatar
    ksuuk
    Icon for Nimbostratus rankNimbostratus
    Nov 21, 2014
    Yes, that works too, but requires identical user in LDAP, however I don't want use LDAP for these specific users at all. And I'm still curious about this disclaimer in /config/bigip/auth/localusers, as it clearly says, that some with some command system can edit it. What is that command? works too, but I'm still curious about this disclaimer in /config/bigip/auth/localusers, as it clearly says, that some with some command system can edit it. What command?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 22, 2014

    And I'm still curious about this disclaimer in /config/bigip/auth/localusers, as it clearly says, that some with some command system can edit it. What is that command?

     

    as i understand, there is no supported way to modify the file. it is automatically generated when rebooting.

     

  • Mart_Pirita_172's avatar
    Mart_Pirita_172
    Icon for Nimbostratus rankNimbostratus
    Nov 24, 2014

    Yes, it's automatically generated, so manually added users are lost after reboot:(.