Versions Compared

Old Version 17

changes.mady.by.user Former user

Saved on

compared with

New Version 18

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Content Zone
maxLevel4
minLevel4
locationtop

Update before the first startup

- Recommended

(recommended)

Anchor
UpdateRole1
UpdateRole1

You can change the default role names (admin and everyone) before starting up the WSO2 Identity Server. To do this, change the following elements in the <PRODUCT_HOME>/repository/conf/user-mgt.xml file:

  • Change <AdminRole>admin</AdminRole> to <AdminRole>New role name</AdminRole>.
  • Change <EveryOneRoleName>everyone</EveryOneRoleName> to <EveryOneRoleName>New role name</EveryOneRoleName>.
Code Block
languagehtml/xml
<Configuration> 
	<AdminRole>admin</AdminRole> 
	<AdminUser> 
		<UserName>admin</UserName> 
		<Password>admin</Password> 
	</AdminUser> 
	<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root --> 
	<Property name="dataSource">jdbc/WSO2CarbonDB</Property> 
	<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property> 
</Configuration>

Update after the product is used for

sometime  - Advanced Configuration

sometime (advanced configuration)

If you have already updated the role names before the first startup of the product, these steps are not necessary. The following steps guide you through updating the role names after you have used the product for some time. 

  1. Make the configuration changes indicated in the above section.
  2. Do the following user store level changes for existing users: 

    • If you are connected to the JDBCUserStoreManager, update the UM_USER_ROLE table with the existing users and the new role names that you defined in place of the 'admin' and 'everyone' roles. If you have changed the permissions of the 'everyone' role, update the UM_ROLE_PERMISSION table the permissions of the new role.

      Info

      The schema can be located by referring to the data source defined in the user-mgt.xml file. The data source definition can be found in the repository/conf/datasources/master-datasources.xml file.

    • If you are connected to the ReadWriteLdapUserStoreManager, populate the members of the previous admin role to the new role under Groups.
  3. After the changes have been made, restart the server.

...