Question
· Aug 23, 2019

Cannot log into another user in Management Portal

In System Management Portal, I'm on UnknownUser (which I've accidentally removed the %All role from), so I log out of UnknownUser and try to log in as root or Admin, but only see the following screen: 

 

I want to see a screen like this so I can change the user I log into: 

 

How do I change the user in Management Portal? 

Discussion (9)2
Log in or sign up to continue

Log In over Terminal as Privileged User and move to Namespace %SYS   and fix your Security 

USER>ZN "%SYS"
%SYS>DO ^SECURITY
 
1) User setup
2) Role setup
3) Service setup
4) Resource setup
5) Application setup
6) Auditing setup
7) Domain setup
8) SSL configuration setup
9) Mobile phone service provider setup
10) OpenAM Identity Services setup
11) Encryption key setup
12) System parameter setup
13) X509 User setup
14) Exit
 
Option? 5
 
1) Create application
2) Edit application
3) List applications
4) Detailed list applications
5) Delete application
6) Export applications
7) Import applications
8) Exit
 
Option? 2
 
Application to edit? ?
 
 Num  Name                           Namespace
  1)  /api/atelier                   %SYS
  2)  /api/deepsee                   %SYS
  3)  /csp/samples                   SAMPLES
  4)  /csp/samples/docserver         SAMPLES
  5)  /csp/user                      USER
  6)  /isc/studio/usertemplates      %SYS
  7)  /TEST                          SAMPLES
  8)  /webShop                       USER
  9)  /csp/broker                    %SYS
 10)  /csp/docbook                   DOCBOOK
 11)  /csp/documatic                 DOCBOOK
 12)  /csp/sys                       %SYS
 13)  /csp/sys/bi                    %SYS
 14)  /csp/sys/exp                   %SYS
 15)  /csp/sys/mgr                   %SYS
 16)  /csp/sys/op                    %SYS
 17)  /csp/sys/sec                   %SYS
 18)  /isc/pki                       %SYS
 19)  /isc/studio/rules              %SYS
 20)  /isc/studio/templates          %SYS
 
Application to edit? 12 /csp/sys
Description? System Management Portal =>
Enabled? Yes => Yes
CSP/ZEN Enabled? Yes => Yes
DeepSee Enabled? No => No
iKnow Enabled? No => No
Inbound Web Services Enabled? Yes => Yes
Require resource to use application? No => No
Role to always add to application?
New match role to add to application?
Do you want to go back and re-edit any match roles or target roles? No => No
Allow Not authenticated access? Yes => NO
Allow Password authentication? No => YES
Accept Login Tokens created by other CSP applications? No =>

For posterity:

On a minimal security install unauthenticated access is the only authentication method enabled for most services. We document the risk of modifying roles for UnknownUser (used for unauthenticated access) and cover some other security considerations here:

https://cedocs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=GCAS_tighten

If you end up in a situation where your security settings no longer allow you to access Caché, you can use emergency startup mode as documented to log into Caché and fix your settings:

https://cedocs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=GCAS_secmgmt#GCAS_secmgmt_emerg

Much appreciation to my colleague Jon who walked through these steps with Joshua.