Professional Documents
Culture Documents
C1 SE8 Maint Accounts Ja
C1 SE8 Maint Accounts Ja
JOB AID
TABLE OF CONTENTS
DIGITAL 2
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
DIGITAL 3
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
2. On the BIG-IP system, navigate to System » Users and create a new, local Administrator user account with
access to all partitions and to all command line functions (Advanced shell). In this example, the username is set
to DarthVader66.
3. This BIG-IP system now has two local user accounts. Both are designated Administrators on All Partitions,
but the admin account is still the primary administrative user. Continue on to the section entitled Designate a
New Primary Administrator User from the Configuration Utility for instructions on how to disable the default
admin user and designate an alternate.
DIGITAL 4
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
Requirements: You must be an Administrator to perform the tmsh create step shown below.
1. List the current default admin user account.
2. Create a new, local user with access to all partitions in the Administrator role, and with access to Linux bash
and TMSH. List the new user's configuration settings after creation.
3. If you want to keep this modification permanently, remember to save the configuration.
DIGITAL 5
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
In the example below, the new local administrator user named DarthVader66 is designated as the primary
administrator user, effectively disabling the default admin user. Any users currently logged into the BIG-IP system
as admin will be immediately disconnected. Any new attempt to log in with the default admin user credentials will fail
unless it is once again designated as the primary administrator user.
Requirements: You must be an Administrator to perform step 1. Also, if you perform step 1 while logged in as
the admin user or as the alternate user you specify in the step, you will be logged out.
If you perform step 1 below while logged in as the admin user or as the alternate
user you specify in the step, you will be logged out.
1. On the BIG-IP system, navigate to System » Platform and in the User Administration section, check
the Disable default admin, use alternate checkbox, and specify an alternate account to use as the primary
administrator user. You must know the password for the account you specify as the alternate. In this example,
the new local administrator account created above - DarthVader66 is designated as the primary administrator
user.
DIGITAL 6
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
2. Notice the default admin user now no longer appears in the User List on the Configuration utility. (It does
appear if you list all users from TMSH, as shown further below, but it is disabled for use with the Configuration
utility.)
Requirements: You must be an Administrator to perform the tmsh modify steps shown below.
1. List the current primary administrator user. This example shows the default configuration which names admin as
the primary administrator user.
2. Designate the custom administrator account named DarthVader66 as the primary administrator user and list the
primary administrator user again.
3. If you want to keep this modification permanently, remember to save the configuration.
DIGITAL 7
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
Before disabling the root account, you should ensure you have at least one other
local administrator account with advanced shell access. Failure to do so may put
you in a position where you are unable to administer your BIG-IP system.
1. On the BIG-IP system, navigate to System » Platform and in the User Administration section, check
the Disable login checkbox for the Root Account. Note: The Password and Confirm fields for the Root
Account will disappear.
DIGITAL 8
EDUCATION
SERIES
BIG-IP ADMINISTRATOR TRAINING
BIG-IP FUNDAMENTALS CURRICULUM
Requirements: You must be an Administrator to perform the tmsh modify steps shown below.
1. List the current value for the BIG-IP DB variable that controls the root system maintenance account. When its
value is false, the root user is enabled and can be used to sign into the BIG-IP system's command line
interface. When true, the root user is disabled, and cannot be used to access the BIG-IP system's command
line interface. (Note: The root user has no access to the Configuration utility.)
2. Disable the root user account and list the variable's value again. Note: Any users currently signed into the BIG-IP
system as root will remain signed in and able to perform administrative activities until they sign out or their
session terminates.
3. If you want to keep this modification permanently, remember to save the configuration.
DIGITAL 9
EDUCATION
SERIES