After apply 14.4 standalone IDM environment with the CP01 patch
When create or modify user task, getting a "No items found" error.
Server log shows the following error:
2022-04-21 08:03:07,034 DEBUG [ims.llsdk.role.azcache.######] (default task-10) Evaluating policies for user adrmakte of type IDENTITY POLICY SET:Identity Policy Set realm in environment LDB IAM Internal Environment
2022-04-21 08:03:07,034 DEBUG [ims.llsdk.role.azcache.######] (default task-10) Getting All Policies: Getting policies for key [IDENTITY POLICY SET:Identity Policy Set] in environment LDB IAM Internal Environment
2022-04-21 08:03:07,044 DEBUG [ims.jdbc.JDBCManagedObjectProvider] (default task-10) SELECT "IM_ENVIRONMENT_JDBC"."UNIQUE_NAME", "VERSION", "SMOID", "DIRECTORYDN", "PUBLICALIAS", "ALIAS", "DESCRIPTION", "FRIENDLYNAME" FROM "IM_ENVIRONMENT_JDBC" WHERE "UNIQUE_NAME"=? ORDER BY "UNIQUE_NAME" DESC (24)
2022-04-21 08:03:07,057 DEBUG [ims.jdbc.JDBCManagedObjectProvider] (default task-10) Is scroll insensitive result set type: true
Is forward only result set type: false
2022-04-21 08:03:07,076 DEBUG [ims.jdbc.JDBCManagedObjectProvider] (default task-10) No results found from the query: SELECT FROM WHERE "UNIQUE_NAME"='24'
2022-04-21 08:03:07,077 ERROR [ims.tmt.submit.validation.blth] (default task-10) Exception in BLTH handleTask: [facility=4 severity=2 reason=0 status=38 message=No items found]
No items found
at com.netegrity.llsdk6.imsimpl.securityengine.PolicyEngine.getCurrentIdentityPolicies(PolicyEngine.java:1832)
at com.netegrity.llsdk6.imsimpl.provider.SynchronizationProviderImpl.getMatchingIdentityPolicies(SynchronizationProviderImpl.java:124)
at com.ca.identitymanager.provisioning.adapter.BlthPreventativeIdentityPolicy.handleSubmission(BlthPreventativeIdentityPolicy.java:77)
Please note that when I was applying CP01, I had to also perform the change in this article (https://knowledge.broadcom.com/external/article?articleId=232528). Without this change, identity policies weren't showing up properly.
Release : 14.4
Component : Identity manager
This is due to orphaned identity policies that are associated with non-existing OID.
Remove orphaned policy ID under IM_IDENTITY_POLICY_SET table