Our vBulletin migration is complete.
Welcome vBulletin users! All content and user information from the Micro Focus Forums (vBulletin) site has been migrated to this site. READ MORE.
Highlighted
Super Contributor.. twinge Super Contributor..
Super Contributor..
580 views

Restore Login after wrong LDAP configuration

Jump to solution

Hi All!

It seems that I made something wrong in the LDAP configuration (strange because it was only a copy/paste from a second APM installation), anyway I cannot login anymore and the admin user is disabled as per LDAP login default configuration. 

How can access to APM again?   

Thanks for your suggestions!

Labels (2)
Tags (1)
0 Likes
1 Solution

Accepted Solutions
Micro Focus Expert
Micro Focus Expert

Re: Restore Login after wrong LDAP configuration

Jump to solution

Hi twinge,

I found this:

KM522390 - How to login to BAC if LDAP Authentication fails?
Change the authentication method from JMX-Console as follows:

1. Access the following URL: http://<BAC_GATEWAY_SERVER>:29000/jmx-console/HtmlAdaptor?action=inspectMBean&name=Foundations%3Aservice%3Dusers-remote-repository

If it asks for a username/password, enter the APM username/password (for example admin/admin) and not the LDAP username/password.

2. Under the "Users Remote Repository JMX" -> RemoteUserRepositoryMode -> Enter "Disabled" (without the quotes) in the Value field and hit "Apply Changes".

It will not show any results page, however it will disable the LDAP Authentication.

3. Open APM in a new browser window. It will now allow you to login and access APM with the APMC user-credentials.

I found this note, which might also apply to APM 9.3x
If this is applied to BSM 9.2x the admin or any users cannot login any more to BSM GUI.

To fix it some manipulations of the USERS table in Management DB are need.
Backup the manipulated fields.
Set a new password string for the admin in the field USER_PASSWORD and set the USER_DBETYPE to 0.

Save the table and you should be able to login with the new password after 10..20 seconds.

I also found this one:

Step 1

apply steps from above

If unable to login go to Step 2


1. Open the jmx console 
http://<gateway>:29000/jmx-console/HtmlAdaptor?action=inspectMBean&name=Topaz%3Aservice%3DLW-SSO+Configuration 
2. Check: 
EnableLWSSOFramework true if not set to true and apply changes.

If unable to login go to step 3

Step 3
1. Check setting_parameters table in the management db and 
Look for all records where SP_CONTEXT = “LDAPIntegration” 
2. Delete all those records from the table, and restart BSM, and it should allow the user to login using the internal login mechanism. 
3. In reality, you should be able to just delete the record where SP_NAME = “remote.users.repository.mode”, but you might as well delete all of them so the customer can start with a clean system. 

The paths to the MBean might have changed over time, but the procedure should still work.

 

Greetings
Siggi

Customer Support
Micro Focus

If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.
2 Replies
Micro Focus Expert
Micro Focus Expert

Re: Restore Login after wrong LDAP configuration

Jump to solution

Hi twinge,

I found this:

KM522390 - How to login to BAC if LDAP Authentication fails?
Change the authentication method from JMX-Console as follows:

1. Access the following URL: http://<BAC_GATEWAY_SERVER>:29000/jmx-console/HtmlAdaptor?action=inspectMBean&name=Foundations%3Aservice%3Dusers-remote-repository

If it asks for a username/password, enter the APM username/password (for example admin/admin) and not the LDAP username/password.

2. Under the "Users Remote Repository JMX" -> RemoteUserRepositoryMode -> Enter "Disabled" (without the quotes) in the Value field and hit "Apply Changes".

It will not show any results page, however it will disable the LDAP Authentication.

3. Open APM in a new browser window. It will now allow you to login and access APM with the APMC user-credentials.

I found this note, which might also apply to APM 9.3x
If this is applied to BSM 9.2x the admin or any users cannot login any more to BSM GUI.

To fix it some manipulations of the USERS table in Management DB are need.
Backup the manipulated fields.
Set a new password string for the admin in the field USER_PASSWORD and set the USER_DBETYPE to 0.

Save the table and you should be able to login with the new password after 10..20 seconds.

I also found this one:

Step 1

apply steps from above

If unable to login go to Step 2


1. Open the jmx console 
http://<gateway>:29000/jmx-console/HtmlAdaptor?action=inspectMBean&name=Topaz%3Aservice%3DLW-SSO+Configuration 
2. Check: 
EnableLWSSOFramework true if not set to true and apply changes.

If unable to login go to step 3

Step 3
1. Check setting_parameters table in the management db and 
Look for all records where SP_CONTEXT = “LDAPIntegration” 
2. Delete all those records from the table, and restart BSM, and it should allow the user to login using the internal login mechanism. 
3. In reality, you should be able to just delete the record where SP_NAME = “remote.users.repository.mode”, but you might as well delete all of them so the customer can start with a clean system. 

The paths to the MBean might have changed over time, but the procedure should still work.

 

Greetings
Siggi

Customer Support
Micro Focus

If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.
Super Contributor.. twinge Super Contributor..
Super Contributor..

Re: Restore Login after wrong LDAP configuration

Jump to solution

Thanks Siggi. Solution 1 worked perfectly. 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.