By: Ray J. user 23 Apr 2019 at 10:09 a.m. CDT

2 Responses
I set up Authentication and will use the same Windows AD LDAP back-end for Cache refresh. I ran into issues previously when I connected an external AD for Cache refresh, as the internal Admin account no longer worked. What I would like is to continue to use an internal Admin account in case the external AD source is down, or if there are other issues related to authentication. Is it a possibility to use the internal Admin account as well as have an external LDAP? Is there a way to add an additional internal Admin account or rename the Admin account?

I have since removed and reinstalled Gluu Server 3.1.6 and am about to enable Cache refresh for an external LDAP, but previously it killed my internal Admin account, and after exhaustively looking through previous support tickets and not having access to the desktop of the machine, as I'm connecting to it over SSH, I was not able to revert or add a user to the Gluu Manager Group or look at LDAP through JXplorer etc. Why is it that when adding an external LDAP server to Cache refresh my internal Admin account no longer works? The default option is "Keep external persons", which is supposed to be the local Admin account, but this did not work previously. As I said, I removed the previous instance and have since redeployed. Is there a step I'm missing?

Also, I cannot use "Server IP Address" because we use an ELB and internal EC2 instances which go up and down, so I would only be able to use an FQDN of the ELB, i.e. gluu.dev.domainname.com. It seemed to work, so hopefully it can be either or.

I tried to follow the FAQ: https://gluu.org/docs/ce/operation/faq/#no-admin-access-after-cache-refresh but in the 3rd step I received no output. The step says to run this and verify that the output is for your account: `/opt/opendj/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -b "o=gluu" "uid=$newgluuadmin" uid givenName sn cn`. It returned nothing, there were no errors, and I did not have the groups.ldif file on my system either, which was needed for the following command to run: `head -n1 /opt/opendj/ldif/groups.ldif > $ldiffile`. Any help would be appreciated. I can provide logs only if I try again and I'm not able to log in. At this time I'd rather wait for a response before proceeding.

By Ray J. user 23 Apr 2019 at 1:50 p.m. CDT

I don't want to leave this ticket open if it's not needed. I removed and reinstalled Gluu 3.1.6, then I added in the localhost server 1636 to the Cache refresh and I also added in a few LDAP users to the Gluu Manager Group. I can use both the internal Admin account as well as the external LDAP users as admins. If need be I will open a new ticket asking how to create additional internal admin accounts for the exact reasons I referenced above, i.e. losing LDAP connectivity, issues with a user account etc. Thanks

By William Lowe user 24 Apr 2019 at 11:38 p.m. CDT

OK, thank you. Please feel free to open a new ticket as needed, or, if you think our docs need to be updated, pull requests are always appreciated!