Accessing a Custom Group in vRealize Automation generates the following error: "Failed to instantiate SCIM GroupResource"
search cancel

Accessing a Custom Group in vRealize Automation generates the following error: "Failed to instantiate SCIM GroupResource"

book

Article ID: 306244

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
  • Opening a custom group generates the following error:
[UTC:2018-09-27 21:25:17,680 Local:2018-09-27 14:25:17,680] vcac: [component="cafe:shell" priority="ERROR" thread="tomcat-http--2" tenant="vsphere.local" context="sXNDkisq" parent="" token="sXNDkisq"] com.vmware.vcac.shell.service.ErrorServiceImpl.logToApacheCommons:59 - <767fda5b> Unexpected exception was caught com.google.gwt.core.shared.SerializableThrowable: Failed to instantiate SCIM GroupResource.


Environment

VMware vRealize Automation 7.x

Cause

Users removed from a source LDAP or Active Directory environment are marked as "soft deleted" within vRealize Automation after a successful directory synchronization.

Resolution

Prerequisites

Configure pgAdmin to connect to a vRealize Automation instance

  1. Extracting the User ids from the Custom Groups("groupType"='DYNAMIC') from Group table.
select array_agg(e::text::int) from saas."Group" ,json_array_elements("compositionRules"::json -> 'addedUserIds') as e where "groupType"='DYNAMIC';

Example:
  1. Take the UserIds from step 1 and query for impacted "soft deleted" users:
select "idUser" from saas."Users" where "idUserStatus"=3 and "idUser" IN(CommaDelimitedIDsFrom Step#1);
  1. Use problematic UserID to determine UserID and their associated group memberships:

select "id" from saas."Group" where "groupType"='DYNAMIC' AND "compositionRules" ~* 'idUser1|idUser2';

As shown in the above screenshot  idUser 1959 was soft deleted from the environment.

select "id" from saas."Group" where "groupType"='DYNAMIC' AND "compositionRules" ~* '1959';

  1. Query the group using the id from step 3:
select * from saas."Group" where id = '1127';
  1. Double click on compositionRules:
  • id 1959 should be a member of this group
  1. Edit this section to remove this id from this column and save the change with F6.
  • 1959 should no longer exist:


Additional Information

Impact/Risks:

Ensure there is a valid backup or snapshots available to revert to if necessary.


Powered by Wolken Software