Provisioning fails with Object 'Password Profile' read failed
search cancel

Provisioning fails with Object 'Password Profile' read failed

book

Article ID: 257908

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

Example error from Provisioning Server:

Assign user "User XXXXXXXXXXX" provisioning role "XXXXXXXXXX": javax.naming.NamingException: [LDAP: error code 1 - :ETA_E_0019<RPP>, Object 'Password Profile' read failed: DB Read failed: Bad search filter (ldaps://TestProvServer:20391) ]; remaining name 'eTPasswordProfileName=Password Profile,eTPasswordProfileContainerName=Password Profile,eTNamespaceName=CommonObjects,dc=XXXXXXXXX,dc=eta'

 

Cause

The Identity Manager environment's advanced settings may become corrupted from changes, like partial admin roles import or other configuration changes.

Resolution

If you encounter any of the following, check your Provisioning Advanced Settings attribute mappings to ensure all required attributes are mapped.

 

Error Category 1 from SystemOut.log:

com.netegrity.llsdk6.imsapi.exception.AttributeValidationException: Bad attribute specified

 

Error Category 2 from SystemOut.log:

Assign user "Test User xxxxxxxxxx)" provisioning role "TestRole01": javax.naming.NamingException: [LDAP: error code 1 - :ETA_E_0019<RPP>, Object 'Password Profile' read failed: DB Read failed: Bad search filter (ldaps://TestProvServer:20391) ]; remaining name 'eTPasswordProfileName=Password Profile,eTPasswordProfileContainerName=Password Profile,eTNamespaceName=CommonObjects,dc=TESTDC,dc=eta'

 

Error Category 3 from etatransxxxx.log:

20230110:112509:TID=00093c:Bind      :E051:----:S: ============================================================
20230110:112509:TID=00093c:Bind      :E051:----:S: External Bind (eTGlobalUserName=etaadmin) Requested by User <anonymous> - TenantN
20230110:112509:TID=00093c:Bind      :E051:----:S:+otSet
20230110:112509:TID=00093c:Bind      :E051:----:P:     dn: eTGlobalUserName=etaadmin,eTGlobalUserContainerName=Global Users,eTNamesp
20230110:112509:TID=00093c:Bind      :E051:----:P:+    aceName=CommonObjects,dc=TESTDC
20230110:112509:TID=00093c:Bind      :E051:----:F: SUCCESS: External Bind (eTGlobalUserName=etaadmin)
20230110:112509:TID=002378:Search    :E056:----:F: FAILURE: External Search (eTPasswordProfileName=Password Profile)
20230110:112509:TID=002378:Search    :E056:----:F:     rc:  0x0001 (Operations error)
20230110:112509:TID=002378:Search    :E056:----:F:     msg: :ETA_E_0019<RPP>, Object 'Password Profile' read failed: DB Read failed:
20230110:112509:TID=002378:Search    :E056:----:F:+ Bad search filter (ldaps://TestProvServer:20391)
20230110:112509:TID=002378:Search    :E056:----:P:     base-dn: eTPasswordProfileName=Password Profile,eTPasswordProfileContainerNam
20230110:112509:TID=002378:Search    :E056:----:P:+    e=Password Profile,eTNamespaceName=CommonObjects,dc=TESTDC
20230110:112509:TID=002378:Search    :E056:----:P:     scope  : BASE
20230110:112509:TID=002378:Search    :E056:----:P:     filter : (|(objectClass=eTPasswordProfile)(badfilter))

 

Error Category 4 from SystemOut.log:


[2/19/23 2:02:09:512 EST] 00000117 SystemOut     O 02:02:09,512 ERROR [ims.ui] No items found
com.netegrity.llsdk6.imsapi.exception.NoSuchObjectException: No items found

   

Also,  check UID to eTGloablUserName is mapped in provisioning mappings.

After mapping, restart IME and test the provisioning activity.