Cisco Bug: CSCvs27008 - [ENH] External Authentication for FXOS ssh support for users longer than 32 characters

Last Modified

Dec 05, 2019

Products (1)

  • Cisco Firepower 9300 Series

Known Affected Releases

2.7(1.117)

Description (partial)

Symptom:
Currently, the following limitations apply to FXOS users:

The names on the LDAP server must be Linux-valid usernames:
    Maximum 32 alphanumeric characters, plus hyphen (-) and underscore (_)
    All lowercase
    Cannot start with hyphen (-); cannot be all numbers; cannot include a period (.), at sign (@), or slash (/)

If any username is longer than 32 characters, the following faults appear:

[FSM:STAGE:FAILED]: external aaa server configuration to primary(FSM-STAGE:sam:dme:AaaEpUpdateEp:SetEpLocal)
[FSM:STAGE:REMOTE-ERROR]: Result: failure Code: ERR-aaa-get-user-info-error Message: Failed to get user information(sam:dme:AaaEpUpdateEp:SetEpLocal)
[FSM:FAILED]: external aaa server configuration(FSM:sam:dme:AaaEpUpdateEp)
The password encryption key has not been set.

Conditions:
Any username is longer than 32 characters.
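
A pre-flight check for the username rules listed under Symptom, as an added example that is not Cisco code: it audits a list of directory usernames and reports which of the listed rules each one breaks, so offending accounts can be found before the faults above appear. The sample names are constructed, the function names are hypothetical, and treating the 32-character limit as total username length is an assumption.

```python
import re

# Rules as listed in the bug description. Assumption of this example:
# the 32-character limit applies to the total length of the username.
MAX_LEN = 32
FORBIDDEN = ".@/"                        # period, at sign, slash
ALLOWED = re.compile(r"[a-z0-9_-]*\Z")   # alphanumeric, hyphen, underscore


def violations(name):
    """Return the rules from the description that `name` breaks, in order."""
    found = []
    if len(name) > MAX_LEN:
        found.append("longer than 32 characters")
    if name != name.lower():
        found.append("not all lowercase")
    for ch in FORBIDDEN:
        if ch in name:
            found.append(f"contains '{ch}'")
    if name.startswith("-"):
        found.append("starts with hyphen")
    if re.fullmatch(r"[0-9]+", name):
        found.append("all numbers")
    # Whatever remains after the explicitly forbidden characters are set
    # aside must be a letter, digit, hyphen or underscore.
    rest = name.lower().translate({ord(c): None for c in FORBIDDEN})
    if not ALLOWED.match(rest):
        found.append("character outside a-z, 0-9, '-', '_'")
    return found


def audit(names):
    """Map each non-compliant username to the list of rules it breaks."""
    report = {}
    for name in names:
        broken = violations(name)
        if broken:
            report[name] = broken
    return report


# Constructed sample, standing in for an export of directory usernames.
SAMPLE = ["jsmith", "svc-backup_01", "John.Smith", "admin@example.com",
          "-ops", "20191205", "netops-firepower-9300-administrator"]

if __name__ == "__main__":
    for user, broken in audit(SAMPLE).items():
        print(f"{user}: {'; '.join(broken)}")
```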