Indeni User Creation

Owned by Former user (Deleted)
Last updated: Feb 23, 2018 by Patrik Jonsson (Unlicensed)
3 min read

Determining which account type to set up

Administrative privileges are required.

Depending on TMOS version and method of authorization the local admin account may be required. 

To help determine what’s right for your device, please consult the table below.

Version

Authentication

Authorization

Required User Type

BIG-IQ

Remote or Local

Remote or Local

Administrator role

11.6.0 and later

Remote

Remote

Local Administrator account with Advanced shell

11.6.0 and later

Local

Local

Any user with an Administrator role with shell set to Advanced shell

11.6.0 and later

Remote

Local

Any user with an Administrator role with shell set to Advanced shell

Setting up the Indeni user account

Only one of the following guides will have to be followed per device. Which one depends on the result of the table above.

Creating a new administrator account in and LTM

  1. Log in to the F5 web interface.
  2. Navigate to System Users User List.
  3. Click on Create.
  4. Enter a User Name and a Password, configure role Administrator across All partitions and grant terminal access Advanced shell
  6. Click on Finished


Configuring the use of a local admin account

  1. Log in to the F5 web interface.
  2. Navigate to System Users User List.
  3. Click on the local admin account.
  4. Change the Terminal Access from Disabled to Advanced shell.
  5. Click on Update

Creating an account in BIG-IQ

  1. Log in to the BIG-IQ web interface.
  2. Navigate to System Management.
  3. Navigate to User Management → Users
  4. Click on Add.
  5. Fill in the details and make sure that the user has the role Administrator.
  6. Click Save.


Frequently Asked Questions

Why does Indeni need administrator access and Advanced Shell?

  • For certain versions F5 has set the requirement that any user that is accessing the REST interface must have a role of administrator.
  • In order for Indeni to perform all smart monitoring checks the Indeni user needs access to bash.

Why does Indeni have to use the local administrator account in some cases?

  • When remote authorization is used there is no way of setting the shell of remote users to Advanced Shell. More information can be found here.
  • In version 11.5.4 the only user that has access to the REST interface is the local admin account.

What is "remote authorization"?

This is when a remote service (e.g. RADIUS, LDAP) defines the role a user has after they have successfully logged in to the device.