search cancel

Web VPM warns "User already exists" but I can't edit the user

book

Article ID: 244059

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

I can't edit a User object and the Apply button is grayed out.

The ProxySG Web VPM has an error "<realm>:<user> already exists as <realm>:<user>."

Cause

The legacy VPM allows case-sensitive User object names, such as Bkent, bkent, and bKent. The Web VPM does not allow case-sensitive User object names; for example, if a User object named BKent already exists, you cannot create a User object named bKent. As a result, when you use the Web VPM to edit policy that was created in the legacy VPM, the web VPM considers any existing User objects whose names differ only in letter case to be duplicates. 
 
Starting in versions 6.7.5.18 and 7.3.9.1, the web VPM displays a warning when you click Edit to change an existing User object to another object that has a duplicate. In the following example, the dialog indicates that bKent is a duplicate of Bkent. The Apply button is unavailable and you can't make any changes to the object.


Resolution

Instead of using Edit to change a User object to another existing User object, use Set

For example, use Set to change the current user to:

  • Another existing unique user, such as “wsmith” to “asahlen”.
  • A different existing user that has a duplicate, such as “wsmith” to "bkent" (where other instances such as "bKent" exist).
  • Another instance of the current user, such as "bKent" to "bkent".

Refer to the following instructions for selecting another user in single User objects and in Combined Source objects.

Note: In a future release, the web VPM will facilitate resolving duplicate objects without affecting policy operation. To receive updates about this feature, subscribe to this KB article and refer to the SGOS Release Notes for future releases.

Change the User object in a rule 

  1. In an affected rule, select the user and click Set.
  2. In the Set Source Object menu, select the duplicate to replace the current selection. The VPM displays the duplicate warning, but does not prevent you from saving changes.
  3. Click Set to save the user.

To change to a user that does not have an existing User object, click Add a new object. In the menu, select User to add the new user.

 

Change the User object in a Combined Source object 

  1. In an affected rule, select the combined object and click Edit.
  2. (If the combined object is nested) In the list of objects, locate the nested combined object and click the Edit icon.
  3. In the list of objects:
    • Clear the checkbox for the current user.
    • Select the checkbox for a different user.



  4. Click Apply to save the changes to the combined object.

Attachments