Resolving Synchronize User with Roles Task Error in TEWS with error No subjects returned for task: Synchronize User with Roles
Article ID: 390778
Updated On:
Products
Issue/Introduction
When attempting to run the admin task using TEWS, the following SOAP request was used:soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl"> <soapenv:Header/> <soapenv:Body> <wsdl:TaskContext> <wsdl:admin_id>user</wsdl:admin_id> <wsdl:admin_password>password</wsdl:admin_password> </wsdl:TaskContext> <wsdl:DoSynchUserRoles> <wsdl:DoSynchUserRolesSearch> <wsdl:Filter index="0"> <wsdl:Field>%USER_ID%</wsdl:Field> <wsdl:Op>EQUALS</wsdl:Op> <wsdl:Value>example_user</wsdl:Value> </wsdl:Filter> </wsdl:DoSynchUserRolesSearch> <wsdl:DoSynchUserRolesDoSynchUserRolesTab> <wsdl:addMissing>true</wsdl:addMissing> <wsdl:deleteExtra>true</wsdl:deleteExtra> </wsdl:DoSynchUserRolesDoSynchUserRolesTab> </wsdl:DoSynchUserRoles> </soapenv:Body></soapenv:Envelope>
However, the following error was encountered:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tews="http://tews6/wsdl" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Body> <soapenv:Fault> <faultcode>soapenv:Server</faultcode> <faultstring>Unknown processing error.</faultstring> <detail> <tews:ImsException version="6.0"> <tews:exception> <tews:name>com.netegrity.ims.exception.IMSException</tews:name> <tews:code>700</tews:code> <tews:description><![CDATA[java.util.NoSuchElementException error: No subjects returned for task: Synchronize User with Roles]]></tews:description> <tews:transaction>c7d98cb8-35379466-63f0670c-1b7b4</tews:transaction> <tews:msgKey>2029</tews:msgKey> </tews:exception> </tews:ImsException> </detail> </soapenv:Fault> </soapenv:Body></soapenv:Envelope>
Environment
Vaap 14.5.1 CHF01
Resolution
Use Sample from Article 97740:
1. Replace the SOAP request with the following sample:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl"> <soapenv:Body> <admin_id xmlns="http://tews6/xsd/types">imadmin</admin_id> <admin_password xmlns="http://tews6/xsd/types">Password</admin_password> <wsdl:DoSynchUserRoles> <wsdl:DoSynchUserRolesSearch> <wsdl:Filter index="0"> <wsdl:Field>%USER_ID%</wsdl:Field> <wsdl:Op>EQUALS</wsdl:Op> <wsdl:Value>allmi01</wsdl:Value> </wsdl:Filter> </wsdl:DoSynchUserRolesSearch> <wsdl:DoSynchUserRolesDoSynchUserRolesTab> <wsdl:addMissing>"true"</wsdl:addMissing> <wsdl:deleteExtra>"true"</wsdl:deleteExtra> </wsdl:DoSynchUserRolesDoSynchUserRolesTab> </wsdl:DoSynchUserRoles> </soapenv:Body></soapenv:Envelope>
2. Synchronize Users and Roles:
Follow these initial steps to change the Task Synchronize Users and Roles in bulk link from docops:
- Log in to the Identity Manager User Console.
- Modify the Synchronize User with Roles admin task to configure properties that let you add missing accounts and remove extra accounts on endpoints.
- Navigate to Roles and Tasks, Admin Tasks, Modify Admin Task.
- Search for the Synchronize User with Roles admin task.
- In the Profile tab, click Configuration Properties.
- In the Task Configuration Properties screen, configure the following properties:
- Remove extra accounts: Set this property to true to delete extra accounts on the endpoints.
- Add missing accounts: Set this property to true to create missing accounts on the endpoints.
- Click OK.
3. Adjust Admin User Scope:
Ensure that the admin user has the necessary scope to run the task. Adjust the scope in the System Manager Admin Role if needed.
Feedback
