ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Performing a Modify User task and trying to search for Groups to add to a User fails with a findGroupsAdminCanManageInScope error

book

Article ID: 145654

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

Performing a Modify User task and trying to search for Groups to add to a User fails with a findGroupsAdminCanManageInScope error

Cause

The findGroupsAdminCanManageInScope error which happens when the %GROUP_ADMIN_GROUP% well-known (i.e. imGroupAdminGroup attribute) value on your groups objects point to a non-existing group.

Resolution

You will want to put your IM Server into DEBUG level logging for at least the ims.llsdk.directory.jndi category and then check what the last search was before the findGroupsAdminCanManageInScope error/exception and then correct your data by either recreating that missing group or by removing that value from the %GROUP_ADMIN_GROUP% well-known of all groups.