Submit Feedback

Adding and Managing Users

Core user management activities include adding, editing, and deleting users. These activities are typically restricted to Administrative users.

Adding Users

Open the Global Menu () and go to Control Panel → Users and Organizations.
In the Users tab, click the New button.
Fill out the Add User form and click Save. At a minimum, provide a screen name, first name, last name, and email address for the user.

Note

Screen names and email addresses are not interchangeable. A screen name cannot contain an @ symbol because it is used in the URL to a user’s pages.

The add user functionality is split over several independent forms. Save the first form to create the user, and then you’ll see a success message saying Success. Your request completed successfully.

You can add additional information after creating the user.

Setting Passwords for New Users

When you create users, Liferay generates their passwords. If a mail server was set up, Liferay sends an email message with the users’ new passwords.

If you haven’t set up a mail server, click the Password item from the general menu and manually set a password for your new user. Enter the new password twice.

Enter the password twice to manually set the password for a user. If the password policy you're using is configured to allow it, select whether to require the user to reset their password the first time they sign in to the portal.

Open Registration

By default, guest users can create user accounts.

See Configuring Authentication to learn more about configuring registration and authentication for users.

Configuring a User Directory

Organizations that manage users with LDAP can sync their LDAP server with Liferay to import users. See Connecting to a User Directory to learn more.

Editing Users

Open the Global Menu () and go to Control Panel → Users and Organizations.

Click Actions () next to a user.

The following options are available:

Option	Description
Edit	Modify any aspect of the User account.
Permissions	Define which Roles have permissions to edit the User.
Manage Pages	Configure the personal pages of a User.
Impersonate User	Browse the Site in another window as though you were that User.
Deactivate	Disable the user’s account.
Erase Personal Data	Delete the User’s personal data.
Export Personal Data	Download the User’s personal data.

Deactivating and Deleting Users

Removing users is a two-step process for several reasons:

You or the user may decide you really wanted that account.
Users are often tied to content with possible legal ramifications in your country.
You may need time to review a user’s account activity before removing all evidence of that user’s existence.

For these and more reasons, you must first deactivate a user before deleting them.

Note

A user with the Delete permission can activate, deactivate, and delete users. Starting from Liferay DXP 2023.Q4+/Portal 7.4 GA98+, two new permissions, Activate and Deactivate, have been added to give more granular control over who can activate and deactivate other users.

Deactivating Users

Deactivating a user prevents the user from logging in, but preserves the user. You can toggle between active and inactive users in the users view. If all the users are active, this filtering option doesn’t appear.

To deactivate a user,

Open the Global Menu () and go to Control Panel → Users and Organizations.
Locate the user to deactivate and click the Actions () button next to the user.
Select Deactivate.

The user is now deactivated and can no longer log in. Users can be reactivated by finding them in the users table (be sure you’re filtering the table results by deactivated users), clicking Actions (), and selecting Activate. There’s no confirmation window for activation: users are automatically restored to their former status after activation.

Deleting Users

To guard against accidental deletion of users, users must be deactivated first, and then can be deleted.

Follow the steps above to deactivate the user.
Click Filter and order at the top of the table to display a selector. Click Inactive to view the user you just deactivated.
Click the Actions () button, and click Delete to delete the user.

The user is now deleted. There is no way to recover the user once deleted besides restoring from a prior backup.

Impersonating Users

You can impersonate users to view the system as the user would see it. This helps to diagnose permission issues an administrator can’t see, such as making sure a user doesn’t have access to sensitive data. Only users with the administrator role can impersonate.

Open the Global Menu () and go to Control Panel → Users and Organizations.
Locate the user to impersonate and click Actions () next to the user.
Click Impersonate User.

This opens another browser window logged in as that user.

Resetting a User Password

The Add User functionality includes a Require Password Reset check box at the bottom of the password form. The default password policy prevents administrators from de-selecting this option. You can, however, modify the default password policy to make this box usable.

Open the Global Menu () and go to Control Panel → Password Policies.
Click on the Default Password Policy.
De-select the Change Required switcher in the Password Changes section. Now you can decide whether users you add must reset their passwords.