Identity Manager role definition export taking too long
search cancel

Identity Manager role definition export taking too long

book

Article ID: 210825

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

An attempt to export roles and tasks from Identity Management console never completes.

A similar attempt utilizing ImportExportUtil.bat results in an error

-----------------------------------------------------------
-------------------Starting a new Export-------------------
-----------------------------------------------------------
Exporting Directory 'ProvStore'...
Management Console is not protected, ignoring the provided username and password.
 disposition attachment; filename=ProvStore.xml;
Exported Filename: ProvStore.xml
Directory Exported Successfully!!!
Exporting Directory 'UserStore'...
 disposition attachment; filename=UserStore.xml;
Exported Filename: UserStore.xml
Directory Exported Successfully!!!
Exporting Environment 'identityEnv'...
 disposition null
com.ca.identitymanager.importexportutility.utility.ImportExportUtilRuntimeException: Failed : There is some problem with export, file name is missing in response.
Exception in thread "main" com.ca.identitymanager.importexportutility.utility.ImportExportUtilRuntimeException: Failed : There is some problem with export, file name is missing in response.
        at com.ca.identitymanager.importexportutility.utility.Connection.getFileName(Connection.java:312)
        at com.ca.identitymanager.importexportutility.utility.Connection.downloadFile(Connection.java:257)
        at com.ca.identitymanager.importexportutility.utility.Environment.exportResource(Environment.java:27)
        at com.ca.identitymanager.importexportutility.client.ImportExportClient.exportResources(ImportExportClient.java:213)
        at com.ca.identitymanager.importexportutility.client.ImportExportClient.main(ImportExportClient.java:73)

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Cause

There can be different causes, from orphan link to tasks / roles to missing approval policies.

Resolution

Increasing the logging level for ims.jdbc category to DEBUG will write to the log all the queries done on the database.

Inspect the latest item exported (role / task / screen etc) and inspect that item in Identity Manager - if the task is associated with a no longer relevant item (role which is no longer define, for example).

If the role in question in Provisioning Role, inspect the relevant role using Provisioning Manager and ensure the name is an exact match and all the associated account templates exist. If the name in IM and in Provisioning Manager is not identical, we should

1. Delete the role using Provisioning Manager
2. Create the role using Provisioning Manager with the exact same name as it appears in Identity Manager UI

Powered by Wolken Software