When viewing a user entity in the Information Centric Analytics (ICA) RiskFabric portal, details such as the user's name, manager, phone, department, etc., are blank. Searches for the user by e-mail address or account name may also fail.
This is caused by a disconnect between the entity details associated with events and the entity records as retrieved via ICA's integration with Active Directory (AD) or other organizational system of record. In most cases, this occurs when an event data source (e.g., Symantec DLP) is integrated with ICA prior to an entity data source (e.g., AD).
Determine whether the problem is specific to a single user or applies to most users and events. If the latter, contact Broadcom Support for assistance with purging and restoring events data after integrating ICA with a user data source like Active Directory.