Error when adding an AD user group with long DN/name to a user in the Identity Portal
search cancel

Error when adding an AD user group with long DN/name to a user in the Identity Portal

book

Article ID: 132826

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

Oracle error:

When trying to add or remove an Active Directory group via the CA Identity Portal using an Active Directory (AD) endpoint, the access request fails if the name of the group exceeds 255 Characters.

The portal displays an error similar to the one below:

bug String or binary data would be truncated.

bug JTA transaction unexpectedly rolled back (maybe due to a timeout); nested exception is javax.transaction.RollbackException: ARJUNA016053: Could not commit transaction.

bug could not execute statement

bug ARJUNA016053: Could not commit transaction.

bug org.hibernate.exception.DataException: could not execute statement 

===================

MS SQL error:

You will see request failed error message in the Identity Portal:

"Truncated value" <value>

Please contact your system administrator."

In the server.log we see error:

Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: String or binary data would be truncated in table 'PORTAL.dbo.request_account', column 'entitlement_id'. Truncated value.

 

Environment

IdentityMinder(Identity Manager), Identity Portal14.1, 14.3, 14.4, 14.5

Cause

This is a limitation of the Identity portal database schema.

Resolution

It is the CA Identity Manager (IM) Engineering teams policy is to avoid making database schema change fixes in hot fixes or cumulative patches, therefore a "proper" fix will be available in next IP release. 

Any changes will be implemented for new installations. Other changes will be documented in Post Upgrade steps of Identity Portal upgrade. 

In the meantime we can give you a workaround to increase the column length in the sigma database. The IP table is called 'request_account'. you can use the sql ALTER command to increase the 'request_account' table column length.

 

MS SQL Server database example :

ALTER TABLE request_account alter column entitlement_name nvarchar(2048);
ALTER TABLE request_account alter column entitlement_id nvarchar(2048);

 

Oracle database example:

ALTER TABLE request_account MODIFY entitlement_name NVARCHAR2(2048);

ALTER TABLE request_account MODIFY entitlement_id NVARCHAR2(2048);

 

Please make sure that you backup the Database before making any changes. 

Powered by Wolken Software