Issue
- For any virtual instance other than the default instance, if the "Required" option in LDAP is enabled, only LDAP users can log in to the portal. When the LDAP server is down or unreachable, no users are able to log in. In that case, how can one log in to the portal to change the LDAP configuration?
Environment
- Liferay DXP 7.2
- Liferay DXP 7.1
Resolution
Placing the config file (com.liferay.portal.security.ldap.authenticator.configuration.LDAPAuthConfiguration.config) inside the configs folder makes it possible to enable or disable the "Required" option, and even to disable the LDAP server, depending on the values set. By doing so, any user can log in to the portal.
How to get the config file?
Step 1: Enable LDAP from System Settings and export the config file.
Control Panel -> Configuration -> System Settings -> LDAP -> Click on the lexicon three-dot button and click on export. It will provide the config file.
(Disable LDAP from System Settings after downloading the config file.)
Step 2: Find the companyId.
Control Panel -> Configuration -> Virtual Instances -> Note the Instance Id.
Note: The Instance Id and the companyId are the same.
Update the downloaded .config file: put the respective Instance Id in the companyId field, set the "required" option to "false" to disable the Required option, and set the "enabled" option to "false" to disable the LDAP server. Once that is done, place the config file in {LIFERAY_HOME}/osgi/configs/ to change the LDAP settings without logging in to the portal.
For ease of reference: the config file (com.liferay.portal.security.ldap.authenticator.configuration.LDAPAuthConfiguration-1b6b062e-3ed6-429e-90bc-3bd919d20fb5.config) and its contents.
companyId = L"35449"
enabled = B"false"
method="bind"
passwordEncryptionAlgorithm="NONE"
passwordPolicyEnabled = B"false"
required = B"false"
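The update-and-deploy step above as a shell function, added here as an example (it is not Liferay tooling and not part of the original article). The function names and the staging approach are assumptions; run it as the account Liferay runs under so the portal can read the file it writes.

```shell
# set_key FILE KEY VALUE: rewrite "KEY = ..." / "KEY=..." in FILE, or append it.
# (hypothetical helper for this example)
set_key() {
    file=$1 key=$2 value=$3
    if grep -Eq "^[[:space:]]*${key}[[:space:]]*=" "$file"; then
        sed -E "s|^[[:space:]]*${key}[[:space:]]*=.*|${key}=${value}|" "$file" \
            > "$file.new" && mv "$file.new" "$file"
    else
        printf '%s=%s\n' "$key" "$value" >> "$file"
    fi
}

# patch_ldap_auth_config EXPORTED_FILE COMPANY_ID LIFERAY_HOME
# Sets companyId, required=false and enabled=false in a copy of the exported
# file and places it in LIFERAY_HOME/osgi/configs/ under its original name.
patch_ldap_auth_config() {
    src=$1 company_id=$2 liferay_home=$3
    dest_dir="$liferay_home/osgi/configs"

    # companyId is written as a long (L"..."), so accept digits only.
    case $company_id in
        ''|*[!0-9]*) echo "companyId must be numeric: $company_id" >&2; return 1 ;;
    esac
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    [ -d "$dest_dir" ] || { echo "no such directory: $dest_dir" >&2; return 1; }

    # Edit a private copy outside osgi/configs so a half-written file is
    # never visible there; the exported original is left untouched.
    work=$(mktemp "${TMPDIR:-/tmp}/ldapauth.XXXXXX") || return 1
    cp "$src" "$work" || { rm -f "$work"; return 1; }
    set_key "$work" companyId "L\"$company_id\"" &&
        set_key "$work" required 'B"false"' &&
        set_key "$work" enabled 'B"false"' || { rm -f "$work"; return 1; }

    # mktemp creates the file with mode 0600; it keeps that mode after the move.
    mv "$work" "$dest_dir/$(basename "$src")"
}

# Usage (constructed values):
#   patch_ldap_auth_config ./LDAPAuthConfiguration-<id>.config 35449 "$LIFERAY_HOME"
```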
Additional Information
- Please note that this is a workaround for this situation, and it may differ case by case.
- Liferay strongly recommends providing a concrete connection between the LDAP server and Liferay for seamless login.