The safex command is failing on JAWSCreate.xml: error: action[Add] object[GlobalUser] cannot be processed
search cancel

The safex command is failing on JAWSCreate.xml: error: action[Add] object[GlobalUser] cannot be processed

book

Article ID: 372563

calendar_today

Updated On:

Products

Automation Analytics & Intelligence

Issue/Introduction

The import of the AAI access policies to eEM server using safex command is failing with the error message below.

 

/opt/CA/SharedComponents/EmbeddedEntitlementsManager/bin $ ./safex -u <eEM admins user> -p <eEM user admin pasword> -f  JAWSCreate.xml
Setting Translation file:./safex.tr
Setting back end to "localhost"

Setting locale to "en_us"

OK:Successfully Authenticated
OK: action[Attach] with ApplicationInstance label[]
OK: action[Register] performed on ApplicationInstance name[AAI] with label[AAI]
OK: action[Detach] from ApplicationInstance label[]
OK: action[Attach] with ApplicationInstance label[AAI]

Current XML file location: line 125 column 40
error: action[Add] object[GlobalUser] name[/XXX] error retrieving
Safe Error: [EE_POZERROR Repository Error]
Sponsor Error: [ISE_ERROR_UNKNOWN unknown isponsor error]
Debug [Retrieve Error: PozError]
Debug [PE_SPONSORERROR iSponsor Error]
Debug [pozObject::retrieve: error invoking iPoz::ObjectRetrieve on host localhost]
Debug [object retrieve failed]
Debug [ISE_ERROR_UNKNOWN unknown isponsor error]
Debug [/iTechPoz/Entities/Users/XXX]

Current XML file location: line 132 column 18
error: action[Add] object[GlobalUser] cannot be processed when using an external directory
OK: action[Add] performed on object[User] name[/XXX]

Environment

Product: Automation Analytics & Intelligence v6.x

Cause

When eEM is already configured to use LDAP/Active Directory, it is no longer possible to create a Global User on eEM. By default, the JAWSCreate.xml creates a Global User as shown below.

  <AddOrModify> 
    <!-- Sample User -->  
    <GlobalUser folder="/" name="XXX"> 
      <UserName>XXX</UserName>  
      <PasswordDigest>XXXXXXXXXXXXXXXXXXXXXXX</PasswordDigest> 
      <PasswordChangeDate>XXXXX</PasswordChangeDate>  
      <FirstName>XXX</FirstName>  
      <LastName>XXX</LastName>  
      <DisplayName>XXX</DisplayName> 
    </GlobalUser> 
  </AddOrModify>  
  <AddOrModify> 
    <User folder="/" name="XXX"></User> 
  </AddOrModify>

Resolution

-Remove the lines below from the JAWSCreate.xml

-Run the safex command with the JAWSDestroy.xml

safex -u <eEM admins user> -p <eEM user admin pasword>  -f  JAWSDestroy.xml

-Run the safex command with the JAWSCreate.xml

 

Powered by Wolken Software