Hey all, so I seem to have got myself into a wee bit of a pickle. First off, this is not a case of forgetting the built-in admin username or password. I'm (all too) familiar with the cmd line tool to reset that.
I setup an instance of Portal 10.8.1 to test configuration of a SAML 2.0 Federation with OKTA. This all worked fine until I disabled the option for users to login using built-in Portal accounts. The only administrative user is the built-in portal admin user, and there appears to be no way for me to log in with built-in users anymore. This means I have not way to re-enable built-in user logins via the Portal UI.
I'm so used to using IWA authentication through the web adapter, I figured I'd be able to login with the built-in account by access Portal directly via :7443 but of course that still redirects authentication to OKTA.
I can login to the portaladmin directory using the built-in admin account, but cannot find any way to enable built-in user logins from there.
Looking at the response from the <portal-url>/sharing/rest/portals/self endpoint, I see there is a property named "samlEnabled", with a value of true. However, I have scoured all the configuration files I can find, but am unable to find a setting to control this.
This is just a test setup, so in my case it's not a big deal to reinstall, but there really should be a way to fix this via configuration.
If reinstall is the only answer, I will be submitting a suggestion to Esri that disabling built-in user logins is not allowed unless at least one administrative user from an alternate IdP exists, and IdP settings should be configurable via portaladmin.
Thanks all!