Disable ESP Administrator to use Active Directory accounts for Authentication using VESPA DB


In FAST ESP user administration, you accidently enabled “This User will be authenticated by an external User Management System” for the only Admin user and now after logout can’t access ESP Admin GUI. Now the next time you try login using the same “Admin” account, you receive the below error –

“There was a problem with your login request. Please verify that the username and password is correct. If you are still unable to log in please contact your administrator. [Try again.]”

To fix this issue create “Admin” user in you AD and then finish the configuration steps given TechNet article: FAST ESP / Enable ESP Administrator to use Active Directory accounts for Authentication - https://support.microsoft.com/en-us/kb/2441205

Once you are able to login using the AD “Admin” account you can then revert back the original accidental changed.

 

Alternately, you can follow the below steps to “Disable ESP Administrator to use Active Directory accounts for Authentication” by modifying the VESPA DB

•Log into the vespa db 

1.  Execute the command: cd %FASTSEARCH%\rdbms\bin

2.  Execute the command: psql --username fast -p 16070 vespa (If prompted for password enter ‘fast’)

•Run the below query to view the user information

           select * from espuser;

 

It would show the results like this where value of “imported” column will be set to “t” for external users

vespa=# select * from espuser;

  id  | imported | name  | email |             password             |   realname    | userpreferencesid | linksid

------+----------+-------+-------+----------------------------------+---------------+-------------------+---------

1962 | f        | user  |       | 34713bd1f6da11114559900354032c6b |    |                   |

    0 | t        | admin |       | 34713bd1f6da11114559900354032c6b | Administrator |                 1 |

(2 rows)

 

•Run the below query to update the “imported” column value of the affected user

update espuser set imported = 'f' where name = 'admin';

 

It would complete like below

vespa=# update espuser set imported = 'f' where name = 'admin';

UPDATE 1

 

•Verify if the data in espuser table was update

select * from espuser;

 

It would show the results like this where value of “imported” column will be set to “f” for FAST internal users

vespa=# select * from espuser;

  id  | imported | name  | email |             password             |   realname    | userpreferencesid | linksid

------+----------+-------+-------+----------------------------------+---------------+-------------------+---------

1962 | f        | user  |       | 34713bd1f6da11114559900354032c6b |    |                   |

    0 | f        | admin |       | 34713bd1f6da11114559900354032c6b | Administrator |                 1 |

(2 rows)

 

•Restart the adminserver using below command

nctrl stop adminserver

nctrl start adminserver

 

•Login to the FAST home using the Admin account and the old password

•Once logged in using the “Admin” account, disable ESP Administrator to use Active Directory accounts for Authentication in User administration setting “This User will be authenticated by an external User Management System”

 

Note:- Before making the changes in Vespa DB remember that editing database might lead you to an un-supported state

Comments (0)

Skip to main content