By: Gene Liverman user 11 Aug 2016 at 6:51 p.m. CDT

8 Responses
So, I totally forgot to do what it told me on [https://www.gluu.org/docs/cache-refresh/#things-to-remember](https://www.gluu.org/docs/cache-refresh/#things-to-remember):

> Enable 'Keep External Person' during CR setup. This will allow your default user 'admin' to log into Gluu Server after initial Cache Refresh iteration. If you do not enable 'Keep External Person', your 'admin' user including all other test users will be gone after first Cache Refresh iteration.

As a result, I can log in fine with AD but no longer have an admin account... other than reinstalling, is there anything I can do?

By Michael Schwartz Account Admin 11 Aug 2016 at 7:12 p.m. CDT

There is an easy way to fix this... don't worry! Follow these steps...

1. Figure out the DN of the person (or persons) you want to make admin by searching `ou=people,o=(org-inum),o=gluu`
2. Add these DNs to the "member" attribute of the manager group under `ou=groups,o=(org-inum),o=gluu`. It should be the only group there.
3. Login!

By Gene Liverman user 11 Aug 2016 at 7:31 p.m. CDT

Thanks for the super fast response! I am not sure how to do the search or how to do step 2... I tried using info from [https://www.gluu.org/docs/faq/troubleshooting/](https://www.gluu.org/docs/faq/troubleshooting/) but think that the account it is using was removed by the sync or by me changing the auth method prior to doing the sync. Here is what I see:

```bash
[root@gluu-test ~]# /opt/opendj/bin/ldapsearch -p 1389 -D 'cn=directory manager' -w 'the-one-from-install-time' -b o=gluu gluuGroupType=gluuManagerGroup 1.1
Connect Error
Result Code: 91 (Connect Error)
[root@gluu-test ~]# /opt/opendj/bin/ldapsearch -h localhost -p 1389 -D "cn=directory manager" -w 'the-one-from-install-time' -b "ou=appliances,o=gluu" -s one "objectclass=*" oxAuthenticationMode
Connect Error
Result Code: 91 (Connect Error)
```

By Michael Schwartz Account Admin 11 Aug 2016 at 7:47 p.m. CDT

1. I forgot... you can just check `/opt/opendj/ldif/groups.ldif` for the group DN.
2. Don't use `-w` in your `ldapsearch` because it leaves the DM password in the `.bash_history`. Write the password to a file and use `-j`. Try something like this:

   ```
   /opt/opendj/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -b "o=gluu" "sn=Liverman" uid sn
   ```

3. I like JXplorer... if you port forward port 1636 in ssh it should work fine. It has a copy DN feature...
4. The ldif you will make will look something like this:

   ```
   dn: inum=@!134D.3C3D.796E.FECE!0001!E022.CC3C!0003!60B7,ou=groups,o=@!134D.3C3D.796E.FECE!0001!E022.CC3C,o=gluu
   changetype: modify
   add: member
   member: inum=@!134D.3C3D.796E.FECE!0001!E022.CC3C!0000!A8F2.DE1E.D7FB,ou=people,o=@!134D.3C3D.796E.FECE!0001!E022.CC3C,o=gluu
   ```

5. Then use `ldapmodify` with similar connection options to load it:

   ```
   /opt/opendj/bin/ldapmodify -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -f addManagers.ldif
   ```

By Gene Liverman user 11 Aug 2016 at 8:48 p.m. CDT

Perfect! Thank you so much! Here are my notes in case anyone (including me later) needs them:

Add the password for your admin account to `~/.pw` and then use the commands below to add yourself as an admin.

```bash
# set this to your actual user name
export newgluuadmin='myusername'
# this is the file that will hold the info to be imported
export ldiffile='addManagers.ldif'
# run this and verify that the output is for your account
/opt/opendj/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -b "o=gluu" "uid=$newgluuadmin" uid givenName sn cn
# example output (note that ldapsearch folds the long dn onto a second line
# that starts with a single space):
dn: inum=@!134D.3C3D.796E.FECE!0001!E022.CC3C!0000!A8F2.DE1E.D7FB,ou=people,o=@!134D.
 3C3D.796E.FECE!0001!E022.CC3C,o=gluu
uid: myusername
givenName: John
sn: Doe
cn: John Doe
```

Now you can run these commands to make the file above:

```bash
# the first line of groups.ldif is the dn of the manager group
head -n1 /opt/opendj/ldif/groups.ldif > "$ldiffile"
echo 'changetype: modify' >> "$ldiffile"
echo 'add: member' >> "$ldiffile"
# -T (--dontWrap) keeps the dn on one line so it can be picked out with a
# single anchored grep; 1.1 asks for no attributes, only the dn
echo "member: $(/opt/opendj/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -T -b "o=gluu" "uid=$newgluuadmin" 1.1 | grep '^dn: ' | cut -d ' ' -f 2-)" >> "$ldiffile"
```

The resulting ldif will look like this:

```ldif
dn: inum=@!134D.3C3D.796E.FECE!0001!E022.CC3C!0003!60B7,ou=groups,o=@!134D.3C3D.796E.FECE!0001!E022.CC3C,o=gluu
changetype: modify
add: member
member: inum=@!134D.3C3D.796E.FECE!0001!E022.CC3C!0000!A8F2.DE1E.D7FB,ou=people,o=@!134D.3C3D.796E.FECE!0001!E022.CC3C,o=gluu
```

Once the ldif looks right, run this to grant your account admin rights in Gluu:

```bash
/opt/opendj/bin/ldapmodify -h localhost -p 1636 -D "cn=directory manager" -j ~/.pw -Z -X -f "$ldiffile"
```

Log into the web interface and pick up where you left off :)
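The shell pipeline above relies on the DN being folded in exactly the way ldapsearch happened to print it, and `grep`ping for the user is a substring match. The following is an added example, not code from Gluu or from either poster, that builds the same `changetype: modify` record from ldapsearch's LDIF output while handling RFC 2849 line folding and base64 (`::`) values, matching the uid exactly, and skipping the change when the DN is already a member (ldapmodify would otherwise fail with "attribute or value exists"). The sample search output and groups.ldif excerpt are constructed, and every inum in them is a made-up placeholder.

```python
"""Build the LDIF that re-adds a user to the Gluu manager group.

Added example, not Gluu's code: a small RFC 2849 reader for ldapsearch output
plus the modify record generator. All inums below are made-up placeholders.
"""
import base64

# Constructed sample of `ldapsearch ... "uid=myusername" uid givenName sn cn`
# output. OpenDJ folds long lines; a continuation line starts with exactly
# one space, which is dropped when the lines are rejoined. The cn is base64
# encoded ("cn::") to exercise that branch of the parser.
SAMPLE_SEARCH_OUTPUT = """\
dn: inum=@!AAAA.BBBB.CCCC.DDDD!0001!EEEE.FFFF!0000!1111.2222.3333,ou=people,o=@!AAAA.
 BBBB.CCCC.DDDD!0001!EEEE.FFFF,o=gluu
uid: myusername
givenName: John
sn: Doe
cn:: Sm9obiBEb2U=
"""

# Constructed stand-in for /opt/opendj/ldif/groups.ldif: the manager group is
# the first (and only) entry, and it already has one member.
SAMPLE_GROUPS_LDIF = """\
dn: inum=@!AAAA.BBBB.CCCC.DDDD!0001!EEEE.FFFF!0003!4444,ou=groups,o=@!AAAA.BBBB.CCCC.DDDD!0001!EEEE.FFFF,o=gluu
objectClass: top
objectClass: gluuGroup
displayName: Gluu Manager Group
gluuGroupType: gluuManagerGroup
member: inum=@!AAAA.BBBB.CCCC.DDDD!0001!EEEE.FFFF!0000!9999.8888.7777,ou=people,o=@!AAAA.BBBB.CCCC.DDDD!0001!EEEE.FFFF,o=gluu
"""


def unfold(text):
    """Join RFC 2849 continuation lines: a line beginning with one space
    continues the previous line, and that leading space is removed."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def parse_entries(text):
    """Parse LDIF content records into a list of {attr: [values]} dicts.
    Handles 'attr: value' and 'attr:: base64'; 'attr:< url' is not needed here."""
    entries, current = [], {}
    for line in unfold(text):
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
            continue
        if line.startswith("#") or line.startswith("version:"):
            continue
        attr, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an LDIF attribute line: {line!r}")
        if value.startswith(":"):
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        current.setdefault(attr, []).append(value)
    if current:
        entries.append(current)
    return entries


def find_user_dn(search_output, uid):
    """DN of the one entry whose uid equals `uid`; LookupError otherwise.
    Exact comparison, so uid=dnsadmin can never be mistaken for uid=dns."""
    matches = [e["dn"][0] for e in parse_entries(search_output)
               if "dn" in e and uid in e.get("uid", [])]
    if len(matches) != 1:
        raise LookupError(f"expected one entry for uid={uid!r}, found {len(matches)}")
    return matches[0]


def manager_group(groups_ldif):
    """The manager group entry: the first record in groups.ldif."""
    entries = parse_entries(groups_ldif)
    if not entries or "dn" not in entries[0]:
        raise ValueError("groups.ldif has no entry with a dn")
    return entries[0]


def build_add_member_ldif(group, member_dn):
    """Modify record adding member_dn to the group's member attribute, or None
    when the DN is already listed (ldapmodify rejects a duplicate value)."""
    if member_dn in group.get("member", []):
        return None
    return "\n".join([
        f"dn: {group['dn'][0]}",
        "changetype: modify",
        "add: member",
        f"member: {member_dn}",
        "-",
    ]) + "\n"


def plan_admin_grant(search_output, groups_ldif, uid):
    """Whole procedure: user DN from the search, group from groups.ldif, LDIF out."""
    return build_add_member_ldif(manager_group(groups_ldif),
                                 find_user_dn(search_output, uid))


if __name__ == "__main__":
    # With real data, feed the saved ldapsearch output and groups.ldif here,
    # write the result to addManagers.ldif and load it with ldapmodify.
    print(plan_admin_grant(SAMPLE_SEARCH_OUTPUT, SAMPLE_GROUPS_LDIF, "myusername"), end="")
```

The generated record ends each modification with `-`, as RFC 2849 specifies; OpenDJ's ldapmodify accepts it with or without that terminator, so the file is interchangeable with the one the shell commands produce.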

By Michael Schwartz Account Admin 11 Aug 2016 at 9:27 p.m. CDT

Very cool! I love it.

By Gene Liverman user 11 Aug 2016 at 9:37 p.m. CDT

Maybe this could be added to the troubleshooting page?

By William Lowe user 12 Aug 2016 at 9:10 a.m. CDT

Will do, Gene.

By William Lowe user 12 Aug 2016 at 9:18 a.m. CDT

[Added](https://gluu.org/docs/faq/troubleshooting/#no-admin-access-after-cache-refresh). Thanks, Gene.