Administrator locked out after LDAP Configuration

Hello,
I activated LDAP on a server we just installed, and my users authenticate using their full email. All users are able to authenticate successfully, but what I now lost is access to my admin user, which uses a username only without password!

I thought that my username would still work after I set up the LDAP. How can I now give a certain LDAP user Appian admin access? Or how can I access the Appian Administrator account now?

Thanks.

OriginalPostID-264409

  • Sorry, what I meant to say was "uses a username only without @domain.com"
  • You can set the property conf.ldap.enabled=false in the cfg table in the Appian primary DB. This will disable Appian from using LDAP for authentication. Then you can try logging in with some local account if you remember. Then create another account for LDAP testing, and this account should be in LDAP with all groups that are passed in the search query in the admin console....then rerun the SQL with conf.ldap.enabled=true....don't know of a way to reset the Administrator account...you might wanna open a support case with Appian for that
  • Also, if you don't remember any local accounts...you can reset the password if you have email set up...a password reset email will be sent....
  • Thanks aswinb608, can't Appian be configured to allow both local accounts and LDAP accounts? So that user1 authenticates locally, while user1@domain.com authenticates using LDAP?
  • Yes, Appian can do both local and LDAP at the same time....if it doesn't find it in LDAP it goes to local and vice versa....I thought since you lost your admin account and also don't have the Administrator account as well, it would be nice if you turn off LDAP, as if you try to do a password reset with LDAP enabled....it won't send an email to reset it as it uses LDAP....but if you turn off LDAP and then try to reset your password, it will think that your local account needs to be reset and then send the email....you need to do this on a local account that is known to have admin access and ask them to reset your password and then also give you admin access....if I am confusing you...please open a support case with Appian for more on this...
  • How do you configure Appian to use both local and LDAP? As I thought this is what I had set up, but as soon as I saved the LDAP settings, it only accepted LDAP usernames. Which to me sounds weird. How can I assign an admin to an LDAP account if I lost access to the local users? I had two local admin accounts and I lost both of them the second I enabled LDAP.

    It's good to know that I can disable LDAP from the cfg, but now I dropped all of the schemas and KDBs and started fresh. Problem now is that I am getting a JBAS014777 error! Thanks for your input.
  • If LDAP is enabled...and the local accounts@domain exist in LDAP then it will prefer LDAP....I think you need to be specific about the username you are passing....if you are using local.user1@domain for LDAP and then use local.user1 for local...these are two separate users.....but Appian always has a two-way flow...if it doesn't find the user in LDAP...then you can use the local account password to log in...if you got a JBoss error...please post the server.log file with this post....
  • This is what I was expecting, but that did not happen. The second I enabled LDAP, I fully lost access to all of my local accounts. Locally I had Administrator and another user.local, while all LDAP accounts were configured to use userPrincipalName to log in, which is their email address.

    Since I started over, we can end this thread. Thank you.