Deleting Users via Enforce UI causes RSOD
search cancel

Deleting Users via Enforce UI causes RSOD

book

Article ID: 159935

calendar_today

Updated On:

Products

Data Loss Prevention Enforce Data Loss Prevention Data Loss Prevention Enterprise Suite Data Loss Prevention Plus Suite

Issue/Introduction

Unable to delete a user even when the Administrator account is being used.

Log file indicates within the tomcat log the following:

Error: "03 Aug 2010 14:56:28,862- Thread: 25 WARNING [com.vontu.manager.struts.transactions.BeginsAndCompletesTransactionProxy] Exception thrown by class com.vontu.manager.admin.user.delete.DeleteUserAction.execute
03 Aug 2010 14:56:28,862- Thread: 25 WARNING [com.vontu.manager.struts.transactions.BeginsAndCompletesTransactionProxy] Aborting transaction after method call failed [class com.vontu.manager.admin.user.delete.DeleteUserAction.execute]
03 Aug 2010 14:56:28,878- Thread: 25 SEVERE [com.vontu.manager] [/RemoveUser] Unexpected error occurred while processing action
03 Aug 2010 14:56:28,878- Thread: 25 SEVERE [com.vontu.manager] [/RemoveUser] 
Cause:
java.lang.IllegalArgumentException: can not lock null object
java.lang.IllegalArgumentException: can not lock null object"

Cause

Within our framework, we do use as a unique key the user id and only have one active user id for each name. In your specific case, both names have active ids associated. In the following example, the user we cannot delete is named 'abcde'

Username = abcde

When you dump the UserID, name and isdeleted flag via

select USERID, NAME, ISDELETED from protectuser where Name = ‘abcde';

 

    USERID NAME                                       ISDELETED       

---------- ------------------------------   ----------        

       161 abcde                                            

 

This can only occur if you manually modify the protect user content via sql script, which is not supported. It should be noted that the user accounts within DLP are case sensitive.  However, if you have an AD integrated system, AD is case incentive, so this could cause problems on another level.

When the system now tries to delete them, it will do a crosscheck if all entries have the deleted flag set. This fails because there is still the secondary flag from the other reference and throws the RSOD as an unhandled exception.


Resolution

Contact Support for further assistance.

Powered by Wolken Software