Create User Failing
search cancel

Create User Failing

book

Article ID: 257908

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

Assign user "User XXXXXXXXXXX" provisioning role "XXXXXXXXXX": javax.naming.NamingException: [LDAP: error code 1 - :ETA_E_0019<RPP>, Object 'Password Profile' read failed: DB Read failed: Bad search filter (ldaps:/XXXXXXXXXXXX1904:20391) ]; remaining name 'eTPasswordProfileName=Password Profile,eTPasswordProfileContainerName=Password Profile,eTNamespaceName=CommonObjects,dc=XXXXXXXXX,dc=eta'

The user information changes, and the role name changes.

Environment

Release : 14.4

Resolution

The only change that has happened since users created without error yesterday was a partial import of admin roles.

This partial admin role import was to be done to add missing roles to the QA environment

The process was to import the admin roles, restart the IME, and test.

that is when the failures started to occur

A complete restart of the services stack was performed, but this did not help to solve the error as it still occurs

I am unsure how this admin role import would cause the error that we are seeing but here is my recommendation for remediation:

1) Shut down 5 of the 6 nodes

2) Check UID to eTGloablUserName is mapped in provisioning mappings

After mapping restart IME and test user creation