After upgrading to AEM6.2 from AEM 6.0 or CQ5.6.1 LDAP, users cannot log in | AEM 6.x

Issue

After upgrading from CQ5.x or AEM6.0 to AEM 6.0 SP3, 6.1, or 6.2, the existing LDAP users can no longer log in to AEM. 

Cause

It is a known issue as the properties on the LDAP connected user nodes have changed.

Resolution

Either delete the existing LDAP users and let them get re-synced automatically or pursue the following instructions:

  1. Download the version of oak-run that matches your Oak version installed in AEM.

  2. Download the attached setRepExternalId.groovy.

  3. Upload both oak-run and the groovy script to your AEM server.

  4. Stop AEM.

  5. To open the oak-run console, run the following command . (Replace crx-quickstart/repository/segmentstore with the path to your AEM instance's repository/segmenstore).

    java -Xmx2048m -jar oak-run-*.jar console crx-quickstart/repository/segmentstore
  6. Run the following commands in the console. (Replace the ldap parameter to match the name of your LDAP Identity Provider OSGi configuration. For example, if your IDP name is configured in the OSGi configuration as ldap, then change that name in the jsp also.  

    :load setRepExternalId.groovy
    new FixLDAPUsers().setRepUserProps(session, "/home", "ldap")

    As a result it runs a dry run with the output as all LDAP users and groups on AEM displaying the rep: externalId and rep: authorizableId are set.  

  7. If you are satisfied with the output, then move to the next step.

  8. Run the command from step 6 again, but this time, add the parameter false to the end. It applies the changes. (Once again ensure to change ldap to match your configuration name instead).

    :load setRepExternalId.groovy
    new FixLDAPUsers().setRepUserProps(session, "/home", "ldap", false)
  9. Go to http://aem-host:port/crx/de/index.jsp and log in as admin.

  10. Browse to /oak: index.

  11. Set property reindex=true on the following indexes if they exist:

    • /oak:index/externalId
    • /oak:index/authorizableId
    • /oak:index/authorizables
  12. Click Save All.

    Indexing causes the system to hang until it is done. 

  13. Monitor the logs until it is completed.
    As a result, the users can log in to the system.

 Adobe

쉽고 빠르게 지원 받기

신규 사용자이신가요?

Adobe MAX 2024

Adobe MAX
크리에이티비티 컨퍼런스

10월 14~16일 마이애미 비치 및 온라인

Adobe MAX

크리에이티비티 컨퍼런스

10월 14~16일 마이애미 비치 및 온라인

Adobe MAX 2024

Adobe MAX
크리에이티비티 컨퍼런스

10월 14~16일 마이애미 비치 및 온라인

Adobe MAX

크리에이티비티 컨퍼런스

10월 14~16일 마이애미 비치 및 온라인