Guest

Preview Tool

Cisco Bug: CSCvj12175 - Custom Roles with admin permissions should be able to SSH to leafs and Spines

Last Modified

Oct 31, 2018

Products (1)

  • Cisco Application Policy Infrastructure Controller (APIC)

Known Affected Releases

2.1(3h) 3.1(2m) 3.2(1m)

Description (partial)

Symptom:
When using a custom role that has admin permissions, the leaf switches nor the spine switches cannot be connected to using ssh. Also, the acidiag commands nor the fabric show commands cannot be run.

Conditions:
Remote user with an av-pair that uses a custom role.
The custom role only contain the admin privilege. 

When trying to ssh to the leaf/spine it will never work but the nginx logs will show login successful.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.