Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Refer to FAQ - Live Forms and LDAP for more troubleshooting information.

LDAP Backdoor Admin

 A Tenant admin can login directly to Live Forms or login with a user id who has been given tenant admin permissions in your Active Directory.

When you create/ a new tenant you are prompted to set up a tenant admin user id, password and email address. This tenant admin does not authenticate via your LDAP IDP. It only exists in Live Forms. If you experience an issue with your LDAP configuration such that you can't login as an Active Directory authenticated user, this account provides a backdoor you can use to login to your tenant as a tenant admin in order to fix your configuration issue. Only one backdoor tenant admin account is supported. The Backdoor Admin is able to access the

Frevvoproduct
tenant admin functions if your LDAP Server should become inaccessible.

Image Removed

Browse this URL to login as the Backdoor Admin: <base_URL>/frevvo/web/admin/login The base URL is an Application Property. When specified,

Frevvoproduct
will prepend the base URL to the URLs in your Form/Document Actions. The <base_URL> is typically http(s)://<your servername>:<port>.

  • You must use the admin specific URL - <base-url>/frevvo/web/admin/login - to login as the backdoor admin.
  • Non admin users can also login using the admin specific URL.

If your tenant originally used the Default Security Manager and then you changed to the LDAP Security Manager, this tenant admin account has already been setup. If you have forgotten the password, you can change it by :

...

Tip

The frevvo superuser admin (Cloud customers) and the in-house superuser can change the password for the Backdoor Admin userid from the Edit Tenant page.

What if you do not remember the userid of your original tenant admin? Follow these steps:

...

Tip

The frevvo (Cloud customers) and in-house superuser can see the Backdoor aAmin tenant userid from the Edit Tenant page.

 

Check if the configuration is correct

Here are some quick tests to check if the LDAP configuration is correct:

  1. Login as the 
    Frevvoproduct
    tenant admin for the LDAP tenant.
  2. Click on the Manage Users link.
  3. Click All. You should see a list of LDAP users which were assigned one of these
    Frevvoproduct
    roles on the LDAP server: frevvo.TenantAdmin, frevvo.Designer, frevvo.Publisher, frevvo.ReadOnly
  4. Now, click Back To Manage Tenant.
  5. Click Manage Roles. You should see a list of groups from your LDAP server.
  6. Log out from 
    Frevvoproduct
     (you should be currently logged in as the tenantadmin)
  7. Try to login with the user name and password of a user in LDAP. You need to specify the proper tenant when logging in. For instance, if john is a valid LDAP user and the name of the LDAP tenant is MYLDAP, you should log in as john@MYLDAP. The password would be john's password in LDAP.

...

Frevvoproduct

...

Check if the configuration is correct

Here are some quick tests to check if the LDAP configuration is correct:

  1. Login as the 
    Frevvoproduct
    tenant admin for the LDAP tenant.
  2. Click on the Manage Users link.
  3. Click All. You should see a list of LDAP users which were assigned one of these
    Frevvoproduct
    roles on the LDAP server: frevvo.TenantAdmin, frevvo.Designer, frevvo.Publisher, frevvo.ReadOnly
  4. Now, click Back To Manage Tenant.
  5. Click Manage Roles. You should see a list of groups from your LDAP server.
  6. Log out from 
    Frevvoproduct
     (you should be currently logged in as the tenantadmin)
  7. Try to login with the user name and password of a user in LDAP. You need to specify the proper tenant when logging in. For instance, if john is a valid LDAP user and the name of the LDAP tenant is MYLDAP, you should log in as john@MYLDAP. The password would be john's password in LDAP.

Since you are using LDAP to define

Frevvoproduct
users and roles (i.e., groups), you do not see an Add User icon or Add Role icon on the Manage Users or Manage Roles pages.

LDAP Backdoor Admin

 A Tenant admin can login directly to Live Forms or login with a user id who has been given tenant admin permissions in your Active Directory.

When you create a new tenant you are prompted to set up a tenant admin user id, password and email address. This tenant admin does not authenticate via your LDAP IDP. It only exists in Live Forms. If you experience an issue with your LDAP configuration such that you can't login as an Active Directory authenticated user, this account provides a backdoor you can use to login to your tenant as a tenant admin in order to fix your configuration issue. The Backdoor Admin is able to access the

Frevvoproduct
tenant admin functions if your LDAP Server should become inaccessible. Only one backdoor tenant admin account is supported.

Image Added

Browse this URL to login as the Backdoor Admin: <base_URL>/frevvo/web/admin/login The base URL is an Application Property. When specified,

Frevvoproduct
will prepend the base URL to the URLs in your Form/Document Actions. The <base_URL> is typically http(s)://<your servername>:<port>.

  • You must use the admin specific URL - <base-url>/frevvo/web/admin/login - to login as the backdoor admin.
  • Non admin users can also login using the admin specific URL.

If your tenant originally used the Default Security Manager and then you changed to the LDAP Security Manager, this tenant admin account has already been setup. If you have forgotten the password, you can change it by :

  • Browsing the admin specific URL - <base-url>/frevvo/web/admin/login. Enter the Backdoor Admin userid. Click Forgot Password? Once you have changed the password, browse the admin specific URL again and login with the tenant admin user id and the new password. If you need to change the password again, or make changes to your tenant, click the Edit Tenant link. The Backdoor Admin password can be changed on this screen.

    Image Added

    This error message displays if any other user clicks on the Forgot Password? link after browsing the admin specific URL:

    Image Added


What if you do not remember the userid of your original tenant admin? Follow these steps:

  1. Login as your authenticated Azure SAML tenant admin
  2. The frevvo (Cloud customers) and in-house superuser can see the Backdoor Admin tenant userid from the Edit Tenant page.

Secure LDAP Configuration

...