Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

LiveCycle User Management

Avatar

Former Community Member
Hello,



I have a few questions to the User Management of the LiveCycle 7.0 products. Because there is no forum especially for UM and a documentation for the UM API comes with the SDK, I post my questions here and hope that somebody might be able to answer them.



My main problem is that I just need some users for testing purposes, so I would like to find a quick and easy way.

Is there a possibility to manually insert users in UM? I searched, but I haven't found one. The only possibilities I have found are

1. LDAP: I don't know much about LDAP, I have no idea how fast I can set up users here, and I don't have any Active Directory or similar to use LDAP with

2. JAAS: I haven't found any documentation how the JAAS interface needs to be configured, and I already crashed the installation in trying to use JAAS.

3. Write a custom service provider



Is there a possibility to configure LiveCycle UM to use the Windows OS users? How much effort is it to write a custom service provider which gets the user information e.g. from a file (remember it's just for testing, so need not be that secure) or from Windows OS? Has anyone already set up a custom service provider for the User Management? Do I have to set up authentication AND directory services or is authentication sufficient? Has anybody found the samples mentioned in the documentation 'Developing User Management Service Providers' (this relates to my other entry in this forum)?

Please, any help is really appreciated and urgently needed!

Thanks in advance!



Regards, Karin Garreis
9 Replies

Avatar

Former Community Member
Hi Karin,



I haven't tried playing with the UM much myself, but I think you need to have both the directory service and authentication set up in order to add users.



Basic LDAP things, like adding users, isn't too tough. And by using the default settings in the admin UI it makes connecting LiveCycle to LDAP easier. I would imagine creating a custom service provider would be MUCH more work than hooking LiveCycle up to LDAP. Especially if this is just for testing and all the work you've done creating the custom SP won't be used later.



H.

Avatar

Level 9
Hi Karin



I've been looking into the UM API, and it looks to me like it would be very difficult/impossible to create "local" users that aren't attached to an LDAP repository. (I'm happy to be corrected on this.)



So I'd take the plunge and learn LDAP. If you install your server on a Windows Server, you get Active Directory for free - it's pretty easy to set up and configure. In this way, you do get what you're asking for i.e. "to configure LiveCycle UM to use the Windows OS users?"



Howard

Avatar

Former Community Member
I now cannot log into Workflow Designer or the LiveCycle admin page.

I was so happy today to finally, after 3-4 days of trying, managed to get the authentication to LDAP working.

Unfortunately after I synchronized my users I lost my administrator account and can no longer log in with an account with admin rights.



I am so screwed unless someone knows how to fix this.



Thanks,

Duncan Campbell

Avatar

Former Community Member
Hi Duncan,



I suspect that you have an account named Administrator in your LDAP directory and that when you did the Sync the Administrator account in LDAP over wrote the LiveCycle Administrator account. Try logging in with the LDAP defined admin and password. If you can then that is what has happened. I do not know of a way to get your admin back other than to uninstall and reinstall. When you reinstall, create a new super admin with a unique name before you synch with LDAP



Denver

Adobe Enterprise Developer Support

Avatar

Former Community Member
<Denver_Green@adobeforums.com> ha scritto nel messaggio <br />news:3bbc7adb.3@webx.la2eafNXanI...<br />> Hi Duncan,<br />><br />> I suspect that you have an account named Administrator in your LDAP <br />> directory and that when you did the Sync the Administrator account in LDAP <br />> over wrote the LiveCycle Administrator account. Try logging in with the <br />> LDAP defined admin and password. If you can then that is what has <br />> happened. I do not know of a way to get your admin back other than to <br />> uninstall and reinstall. When you reinstall, create a new super admin with <br />> a unique name before you synch with LDAP<br />><br />> Denver<br />> Adobe Enterprise Developer Support<br /><br />Denver,<br />is it possible to change username and password of the user by changing <br />directly in the DB (i.e. MySQL in a turnkey installation)? Could this be a <br />possible solution for Duncan's problem?<br />If I understand well, in the DB there is a replication of all the users of <br />the LDAP, is it correct?<br /><br />Bye,<br />Alessio

Avatar

Former Community Member
It's correct that user info for the users synch'd from LDAP is stored in the WF database, but not the passwords for them, it's still required to hit LDAP to authenticate.



Could you change the password directly in the DB? Maybe, I'm not sure. I wouldn't recommend it anyways.



Another possible solution. Disconnect the the Workflow machine so that it cannot hit the LDAP machine anymore. Then log on as Administrator, when it fails to authenticate against the LDAP it will log as the default Workflow Super Admin account. You can then go in and assign all roles to LDAP Administrator account (or whatever other account you want) so that this can be used. You can then reconnect and use the account defined in LDAP.



Chris

Adobe Enterprise Developer Support

Avatar

Level 9
Hi

You may well be able to do this. A similar problem can occur when you synch with two different LDAP systems, and a user of the same name appears in both. When you log into Workflow, you don't specify a domain (LDAP domain) - simply a user name. If that username appears twice under two different domains, and you log in, it just picks one of them. I'm not sure which one it picks.

1. Yes, the system does create a copy of all the users it synchronizes with. It does not copy the password - it always goes back to the LDAP system for authentication.

2. Yes, you should be able to modify the "administrator" text to something else (eg "administrator2"), and log in with that name. I've never tried it, but I suspect it would work - it's all just data as far as I know.



Good luck!



Howard

http://www.avoka.com

Avatar

Former Community Member
have any body know

how to set JAAS as authentication in place of LDAP

thanks in advance

Avatar

Level 1

Hello

I am trying to configure Custom User Management (Directory Provider) for my Livecycle 7.x environment... Can anyone please guide me with any samples/documentation other than the Adobe official document "Developing User Management Service Providers".

In the documentation, reference for DirectoryProviderConfig class was made, I am unable to understand whether the object corresponding to DirectoryProviderConfig is instantiated by the LC server itself or code need to be written to instantiate the same, here is the code which I am referring to

public DSPrincipalCollection getPrincipals(DirectoryProviderConfig config, Object state) throws IDPException {
     return grabBatchPrincipals(config,state);
}

thanks in advance...

Regards

Sivajee.