Groups Tab in User Creation/Modification
Article ID: 113220
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
When a search for a group or user is not returning any results although it should, and the IM log shows an error:
ERROR [ims.llsdk.directory.jndi.searcher] (default task-14) javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'ou=im,ou=ca,o=com'
at com.sun.jndi.ldap.Filter.encodeSimpleFilter(Filter.java:446)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:146)
at com.sun.jndi.ldap.Filter.encodeFilterList(Filter.java:741)
at com.sun.jndi.ldap.Filter.encodeComplexFilter(Filter.java:657)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:111)
at com.sun.jndi.ldap.Filter.encodeFilterList(Filter.java:741)
at com.sun.jndi.ldap.Filter.encodeComplexFilter(Filter.java:657)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:104)
at com.sun.jndi.ldap.Filter.encodeFilterString(Filter.java:74)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:548)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
ERROR [ims.llsdk.directory.jndi.searcher] (default task-14) javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'ou=im,ou=ca,o=com'
at com.sun.jndi.ldap.Filter.encodeSimpleFilter(Filter.java:446)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:146)
at com.sun.jndi.ldap.Filter.encodeFilterList(Filter.java:741)
at com.sun.jndi.ldap.Filter.encodeComplexFilter(Filter.java:657)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:111)
at com.sun.jndi.ldap.Filter.encodeFilterList(Filter.java:741)
at com.sun.jndi.ldap.Filter.encodeComplexFilter(Filter.java:657)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:104)
at com.sun.jndi.ldap.Filter.encodeFilterString(Filter.java:74)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:548)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
Environment
Identity Portal 14.2
Cause
The cause is a membership role attribute which needs to be removed
Resolution
Remove the membership attribute.
For user search the org membership and for group, the group membership.
The attribute should be made not searchable in the Portal Admin UI under Setup => Managed Object Attributes.
For group and user uncheck the searchable checkbox for membership attributes.
For user search the org membership and for group, the group membership.
The attribute should be made not searchable in the Portal Admin UI under Setup => Managed Object Attributes.
For group and user uncheck the searchable checkbox for membership attributes.
Feedback
Yes
No
Powered by
