diff --git a/addons/userrights/userrightsmatrix.class.inc.php b/addons/userrights/userrightsmatrix.class.inc.php
index 9919204d1..f9b8d5c19 100644
--- a/addons/userrights/userrightsmatrix.class.inc.php
+++ b/addons/userrights/userrightsmatrix.class.inc.php
@@ -144,6 +144,11 @@ class UserRightsMatrix extends UserRightsAddOnAPI
 return ($oUser->GetKey() == 1);
 }
+ public function IsPortalUser($oUser)
+ {
+ return ($oUser->GetKey() == 1);
+ }
+
 public function Setup()
 {
 // Users must be added manually
diff --git a/addons/userrights/userrightsnull.class.inc.php b/addons/userrights/userrightsnull.class.inc.php
index ad1b807b8..f31ce3b25 100644
--- a/addons/userrights/userrightsnull.class.inc.php
+++ b/addons/userrights/userrightsnull.class.inc.php
@@ -37,6 +37,11 @@ class UserRightsNull extends UserRightsAddOnAPI
 return true;
 }
+ public function IsPortalUser($oUser)
+ {
+ return true;
+ }
+
 public function Setup()
 {
 return true;
diff --git a/addons/userrights/userrightsprofile.class.inc.php b/addons/userrights/userrightsprofile.class.inc.php
index 05fb60f27..05e729e04 100644
--- a/addons/userrights/userrightsprofile.class.inc.php
+++ b/addons/userrights/userrightsprofile.class.inc.php
@@ -24,7 +24,8 @@
 * @license http://www.opensource.org/licenses/gpl-3.0.html LGPL
 */
-define('ADMIN_PROFILE_ID', 1);
+define('ADMIN_PROFILE_NAME', 'Administrator');
+define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClass extends cmdbAbstractObject
 {
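Review bot: In userrightsmatrix.class.inc.php the new `IsPortalUser()` repeats the test on the context line above it, `$oUser->GetKey() == 1` (presumably the body of `IsAdministrator()`, whose signature is outside the hunk), so the one account this add-on treats as administrator is also reported as a portal user. The profile description added elsewhere in this commit says portal users are kept out of the standard application and redirected to the portal; if the callers, which are not in this diff, act on that, the administrator is the account that gets redirected. This add-on has no portal profile to consult, so the safer body is `return false;` with a one-line comment saying that the matrix add-on does not know portal users.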
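Review bot: `UserRightsNull::IsPortalUser()` returns `true` for every user, and `UserRightsProjection::IsPortalUser()` in userrightsprojection.class.inc.php does the same. Going by the profile description added in this commit, being a portal user is a restriction (no access to the standard application), not a grant, so answering `true` for everyone restricts everyone, including accounts for which `IsAdministrator()` is also true. The permissive default for an add-on without a portal profile is `return false;`. In the Projection version the comment `// See implementation of userrightsprofile` sits after the `return`; it should move above it and say plainly that the method is a stub.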
@@ -80,6 +81,68 @@ class URP_Profiles extends UserRightsBaseClass
 MetaModel::Init_SetZListItems('advanced_search', array('name')); // Criteria of the advanced search form
 }
+ protected $m_bCheckReservedNames = true;
+ protected function DisableCheckOnReservedNames()
+ {
+ $this->m_bCheckReservedNames = false;
+ }
+
+ /*
+ * Create the built-in Administrator profile with its reserved name
+ */
+ public static function DoCreateAdminProfile()
+ {
+ $oNewObj = MetaModel::NewObject("URP_Profiles");
+ $oNewObj->Set('name', ADMIN_PROFILE_NAME);
+ $oNewObj->Set('description', 'Has the rights on everything (bypassing any control)');
+ $oNewObj->DisableCheckOnReservedNames();
+ $iNewId = $oNewObj->DBInsertNoReload();
+ }
+
+ /*
+ * Create the built-in User Portal profile with its reserved name
+ */
+ public static function DoCreateUserPortalProfile()
+ {
+ $oNewObj = MetaModel::NewObject("URP_Profiles");
+ $oNewObj->Set('name', PORTAL_PROFILE_NAME);
+ $oNewObj->Set('description', 'Has the rights to access to the user portal. People having this profile will not be allowed to access the standard application, they will be automatically redirected to the user portal.');
+ $oNewObj->DisableCheckOnReservedNames();
+ $iNewId = $oNewObj->DBInsertNoReload();
+ }
+
+ /*
+ * Overload the standard behavior to preserve reserved names
+ */
+ public function DoCheckToWrite()
+ {
+ parent::DoCheckToWrite();
+
+ if ($this->m_bCheckReservedNames)
+ {
+ $aChanges = $this->ListChanges();
+ if (array_key_exists('name', $aChanges))
+ {
+ if ($this->GetOriginal('name') == ADMIN_PROFILE_NAME)
+ {
+ $this->m_aCheckIssues[] = "The name of the Administrator profile must not be changed";
+ }
+ elseif ($this->Get('name') == ADMIN_PROFILE_NAME)
+ {
+ $this->m_aCheckIssues[] = ADMIN_PROFILE_NAME." 
is a reserved to the built-in Administrator profile"; + } + elseif ($this->GetOriginal('name') == PORTAL_PROFILE_NAME) + { + $this->m_aCheckIssues[] = "The name of the User Portal profile must not be changed"; + } + elseif ($this->Get('name') == PORTAL_PROFILE_NAME) + { + $this->m_aCheckIssues[] = PORTAL_PROFILE_NAME." is a reserved to the built-in User Portal profile"; + } + } + } + } + function GetGrantAsHtml($oUserRights, $sClass, $sAction) { $iGrant = $oUserRights->GetProfileActionGrant($this->GetKey(), $sClass, $sAction); @@ -385,20 +448,24 @@ class UserRightsProfile extends UserRightsAddOnAPI //$oContact->Set('location_id', $iLocationId); //$oContact->Set('employee_number', ''); $iContactId = $oContact->DBInsertTrackedNoReload($oChange); - + $oUser = new UserLocal(); $oUser->Set('login', $sAdminUser); $oUser->Set('password', $sAdminPwd); $oUser->Set('contactid', $iContactId); $oUser->Set('language', $sLanguage); // Language was chosen during the installation $iUserId = $oUser->DBInsertTrackedNoReload($oChange); - + // Add this user to the very specific 'admin' profile - $oUserProfile = new URP_UserProfile(); - $oUserProfile->Set('userid', $iUserId); - $oUserProfile->Set('profileid', ADMIN_PROFILE_ID); - $oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile'); - $oUserProfile->DBInsertTrackedNoReload($oChange); + $oAdminProfile = MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => ADMIN_PROFILE_NAME), true /*all data*/); + if (is_object($oAdminProfile)) + { + $oUserProfile = new URP_UserProfile(); + $oUserProfile->Set('userid', $iUserId); + $oUserProfile->Set('profileid', $oAdminProfile->GetKey()); + $oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile'); + $oUserProfile->DBInsertTrackedNoReload($oChange); + } return true; } 
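Review bot: `DoCreateAdminProfile()` and `DoCreateUserPortalProfile()` in the `URP_Profiles` hunk are `public static`, switch off the reserved-name check and insert unconditionally, so a second call leaves two profiles carrying a reserved name. This commit makes the name the thing that identifies the administrator profile (the `LoadCache()` and admin-account hunks both compare against `ADMIN_PROFILE_NAME`), so a duplicate is a privilege question, not a cosmetic one. Returning early when the row already exists, e.g. `if (is_object(MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => ADMIN_PROFILE_NAME), true))) return;`, would make both creators idempotent, and the unused `$iNewId` can go. `DoCheckToWrite()` only acts when `ListChanges()` contains `name`; whether that holds for a newly created object is not visible here and deserves a test, because that branch is the only thing in this diff that stops a second profile named `Administrator`.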
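Review bot: When the lookup for `ADMIN_PROFILE_NAME` finds nothing, the `if (is_object($oAdminProfile))` block is skipped and the function still reaches `return true;`, so setup reports success for an administrator login that holds no administrator profile. The `SetupProfiles` code this commit removes threw a `CoreException` when the profile did not come out as expected; an `else` branch such as `throw new CoreException('Administrator profile not found', array('name' => ADMIN_PROFILE_NAME));` keeps that failure visible. Doing the lookup before the contact and the user are inserted would also avoid leaving a half-created account behind. The enclosing function starts outside the hunk.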
@@ -417,6 +484,7 @@ class UserRightsProfile extends UserRightsAddOnAPI protected $m_aAdmins; // id of users being linked to the well-known admin profile + protected $m_aPortalUsers; // id of users being linked to the well-known admin profile protected $m_aProfiles; // id -> object protected $m_aUserProfiles; // userid,profileid -> object @@ -437,6 +505,7 @@ class UserRightsProfile extends UserRightsAddOnAPI $this->m_aUserOrgs = null; $this->m_aAdmins = null; + $this->m_aPortalUsers = null; // Loaded on demand (time consuming as compared to the others) $this->m_aClassActionGrants = null; @@ -481,13 +550,18 @@ class UserRightsProfile extends UserRightsAddOnAPI $oUserProfileSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_UserProfile")); $this->m_aUserProfiles = array(); $this->m_aAdmins = array(); + $this->m_aPortalUsers = array(); while ($oUserProfile = $oUserProfileSet->Fetch()) { $this->m_aUserProfiles[$oUserProfile->Get('userid')][$oUserProfile->Get('profileid')] = $oUserProfile; - if ($oUserProfile->Get('profileid') == ADMIN_PROFILE_ID) + if ($oUserProfile->Get('profile') == ADMIN_PROFILE_NAME) { $this->m_aAdmins[] = $oUserProfile->Get('userid'); } + elseif ($oUserProfile->Get('profile') == PORTAL_PROFILE_NAME) + { + $this->m_aPortalUsers[] = $oUserProfile->Get('userid'); + } } $oUserOrgSet = new DBObjectSet(DBObjectSearch::FromOQL_AllData("SELECT URP_UserOrg")); @@ -535,6 +609,20 @@ exit; } } + public function IsPortalUser($oUser) + { + $this->LoadCache(); + + if (in_array($oUser->GetKey(), $this->m_aPortalUsers)) + { + return true; + } + else + { + return false; + } + } + public function GetSelectFilter($oUser, $sClass) { $this->LoadCache(); 
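Review bot: The comment on the new `$m_aPortalUsers` property was copied from `$m_aAdmins` and still names the admin profile. It should read `// id of users being linked to the well-known portal profile`.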
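Review bot: In the `LoadCache()` hunk administrator membership is now decided by comparing `$oUserProfile->Get('profile')` with a string, where the removed line compared `profileid` with a fixed id. Assuming `profile` is the external field that carries the profile's name (its definition is not in this diff), a link to any profile row with that name confers administrator rights, so the guarantee rests on the reserved-name check in `URP_Profiles::DoCheckToWrite()` and on no other code path writing profile rows. A comment in the loop should state that dependency; resolving the two reserved profiles to their ids once before the loop and comparing `profileid` would narrow the grant to one row each. `LoadCache()` begins and ends outside the hunk.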
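Review bot: A user linked to both reserved profiles ends up in `m_aAdmins` and in `m_aPortalUsers`, because the `if`/`elseif` in `LoadCache()` runs once per link row, and `UserRightsProfile::IsPortalUser()` then answers `true` for an administrator. The method should say which profile wins; if the administrator does, `return !in_array($oUser->GetKey(), $this->m_aAdmins) && in_array($oUser->GetKey(), $this->m_aPortalUsers);` expresses it. That form also drops the `if`/`else` that only turns a boolean into the same boolean.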
@@ -780,18 +868,6 @@ class SetupProfiles
 return $iId;
 }
- protected static function DoCreateAdminProfile()
- {
- $oNewObj = MetaModel::NewObject("URP_Profiles");
- $oNewObj->Set('name', 'Administrator');
- $oNewObj->Set('description', 'Has the rights on everything (bypassing any control)');
- $iNewId = $oNewObj->DBInsertNoReload();
- if ($iNewId != ADMIN_PROFILE_ID)
- {
- throw new CoreException('Admin profile could not be created with its standard id', array('requested'=>ADMIN_PROFILE_ID, 'obtained'=>$iNewId));
- }
- }
-
 protected static function DoCreateOneProfile($sName, $aProfileData)
 {
 $sDescription = $aProfileData['description'];
@@ -873,7 +949,8 @@ class SetupProfiles
 public static function DoCreateProfiles()
 {
- self::DoCreateAdminProfile();
+ URP_Profiles::DoCreateAdminProfile();
+ URP_Profiles::DoCreateUserPortalProfile();
 foreach(self::$m_aProfiles as $sName => $aProfileData)
 {
diff --git a/addons/userrights/userrightsprojection.class.inc.php b/addons/userrights/userrightsprojection.class.inc.php
index dc4aab1f2..b69002265 100644
--- a/addons/userrights/userrightsprojection.class.inc.php
+++ b/addons/userrights/userrightsprojection.class.inc.php
@@ -653,6 +653,12 @@ class UserRightsProjection extends UserRightsAddOnAPI
 }
 }
+ public function IsPortalUser($oUser)
+ {
+ return true;
+ // See implementation of userrightsprofile
+ }
+
 public function Setup()
 {
 SetupProfiles::ComputeITILProfiles();
diff --git a/core/dbobject.class.php b/core/dbobject.class.php
index ef84955d5..555a10a14 100644
--- a/core/dbobject.class.php
+++ b/core/dbobject.class.php
@@ -1130,6 +1130,8 @@ abstract class DBObject
 $aScalarArgs[$sArgName.'->id'] = $this->GetKey();
 $aScalarArgs[$sArgName.'->object()'] = $this;
 $aScalarArgs[$sArgName.'->hyperlink()'] = $this->GetHyperlink();
+ // #@# Prototype for a user portal - to be dehardcoded later
+ $aScalarArgs[$sArgName.'->hyperlink(portal)'] = '../portal/index.php?operation=details&id='.$this->GetKey();
 $aScalarArgs[$sArgName.'->name()'] = $this->GetName();
 $sClass = get_class($this);
diff --git a/core/metamodel.class.php b/core/metamodel.class.php
index 9c3e428fd..ce66476d4 100644
--- a/core/metamodel.class.php
+++ b/core/metamodel.class.php
@@ -3468,6 +3468,18 @@ abstract class MetaModel
 return self::GetObjectByRow($sClass, $aRow);
 }
+ public static function GetObjectFromOQL($sQuery, $aParams = null, $bAllowAllData = false)
+ {
+ $oFilter = DBObjectSearch::FromOQL($sQuery, $aParams);
+ if ($bAllowAllData)
+ {
+ $oFilter->AllowAllData();
+ }
+ $oSet = new DBObjectSet($oFilter);
+ $oObject = $oSet->Fetch();
+ return $oObject;
+ }
+
 public static function GetHyperLink($sTargetClass, $iKey)
 {
 if ($iKey < 0)
diff --git a/core/userrights.class.inc.php b/core/userrights.class.inc.php
index 7d432f077..94e3ff214 100644
--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -62,6 +62,7 @@ abstract class UserRightsAddOnAPI
 abstract public function IsStimulusAllowed($oUser, $sClass, $sStimulusCode, /*dbObjectSet*/ $oInstanceSet = null);
 abstract public function IsActionAllowedOnAttribute($oUser, $sClass, $sAttCode, $iActionCode, /*dbObjectSet*/ $oInstanceSet = null);
 abstract public function IsAdministrator($oUser);
+ abstract public function IsPortalUser($oUser);
 abstract public function FlushPrivileges();
 }
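Review bot: The `hyperlink(portal)` placeholder in core/dbobject.class.php is built as a relative path, `'../portal/index.php?operation=details&id='`, and carries only the key. A relative path resolves only when the expanded text is shown from a page one directory below the application root, and the link does not say which class the id belongs to. The portal page therefore has to pick the class itself and check on its side that the logged-in user may read that object (the portal code is not in this diff). The `#@#` comment should name both limits, for instance `// #@# Prototype: relative URL, no class in the link; the portal page must enforce access on id`. The enclosing method starts and ends outside the hunk.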
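Review bot: `MetaModel::GetObjectFromOQL()` has no docblock, and two things about it are easy to miss at a call site. `$bAllowAllData = true` calls `AllowAllData()` on the filter, which judging by its name lifts the per-user data restrictions, and only the first row of the set is returned, with nothing to tell the caller that the query matched several rows or none. A docblock should say that the flag is meant for trusted internal lookups and not for a query assembled from request input, that values belong in `$aParams` rather than in the query string, and what the method returns when nothing matches.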
@@ -620,6 +621,23 @@ class UserRights
 return self::$m_aAdmins[$iUser];
 }
+ static $m_aPortalUsers = array();
+ public static function IsPortalUser($oUser = null)
+ {
+ if (!self::CheckLogin()) return false;
+
+ if (is_null($oUser))
+ {
+ $oUser = self::$m_oUser;
+ }
+ $iUser = $oUser->GetKey();
+ if (!isset(self::$m_aPortalUsers[$iUser]))
+ {
+ self::$m_aPortalUsers[$iUser] = self::$m_oAddOn->IsPortalUser($oUser);
+ }
+ return self::$m_aPortalUsers[$iUser];
+ }
+
 /**
 * Reset cached data
 * @param Bool Reset admin cache as well
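Review bot: `static $m_aPortalUsers` is declared without a visibility keyword, so it is public and any code can overwrite a cached answer; `protected static $m_aPortalUsers = array();` fits how the cache is used here. The docblock that follows the hunk belongs to a cache-reset function whose body is not shown. If that function does not also empty the new array, a profile change made during the request keeps returning the old answer, so it needs `self::$m_aPortalUsers = array();` alongside the existing resets.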