How can I log into Unified Self Service (USS) if the authentication is configured for an external source, and the integration is broken?

Document ID : KB000057050
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

If you have USS configured for external authentication to LDAP or EEM it may be possible that an occurrence may happen to cause the integration to break. In instances like this you may need to still log into USS to make configuration changes, how can this be done without disabling the integration?

Solution:

It's possible to configure an "omniadmin" user account which will allow specific accounts to log into Liferay even if external authentication is down. It will authenticate using the internal authentication if external sources are offline.

1. First obtain the "contactId" value for the user you wish to define as an "omniadmin". Log into the USS database (USS_mdb) and use a query like this:

select screenName,contactIdĀ from User_ where screename = '*'

(replace * with the screenname of the user you wish to use)

Note the Id value.

2. Log into the server where USS is installed, browse to the install folder of USS and go into:

CA\Self Service\OSOP

Open the file "portal-ext.properties" using a text editor.

3. At the bottom of the file (right below "openspace_version") put:

omniadmin.users=*

(replace * with the UserId value received at step 1).

NOTE: You can include multiple names with a comma separating each, for example:

omniadmin.users=10197,10505,10512

4. Restart the services for Unified Self Service to complete the configuration.