When migrating CA Identity Suite from an older version, such as 14.5.1 CHF01, to v15 Fixpack5, the import of the Role Definition "Use Case Service" consistently fails in immanage Admin Console.

Source:
Identity Suite 14.5.1 CHF01 Vaap
Oracle 11 OracleXpress shipped in Vaap.

Target:
CA Identity Suite v15 Fixpack5
Oracle Server database Oracle 19C with Oracle DB data exported from Source using Oracle tools with help from DBA.

The root cause of the failure is the presence of duplicated IM Admin Role entries in the customer's IM_ROLE database table because of previous manual updates directly in IM databases. Identity Manager UI is designed to prevent the creation of duplicate IM Admin Roles for an environment. Examples of roles found to be duplicated include "Use Case Service Admin" and "Use Cases - Self." The duplication is a legacy issue, potentially stemming from an old environmental ID change manually by the client where the environment ID was switched to Environment id 23 several years prior. These duplicate entries block the proper deployment of the "Use Case Service" role definition.

The issue is resolved by identifying and manually deleting the duplicated role entries directly from the database.

Steps to Resolve:

1.  Access the CA Identity Suite database associated with the environment.
2.  Identify the duplicated IM Admin Role entries within the IM_ROLE table.
3.  Manually delete the duplicated rows from the IM_ROLE table.
4.  After deleting the duplicates, proceed with the import or deployment of the Role Definition "Use Case Service". The operation should now succeed.

Disclaimer

The root cause and resolution for this issue involves direct manipulation of the CA Identity Suite database (IM_ROLE table). Manual database maintenance is generally not recommended or supported by Broadcom unless explicitly instructed and guided by Broadcom Support personnel.

Before Proceeding:
1. Backups: Always ensure you have full backups of all relevant external databases.
2. Snapshots: Take server snapshots that can be used as a last resort to restore your local configurations also in case of any unexpected issues happened after you change the external databases.
3. Confirmation: If you have any doubt that this specific issue or cause applies to your environment, open a Support case with Broadcom Support to request confirmation of the issue, cause, and resolution before proceeding with this manual action.
4. Furthermore, adherence to documented best practices for environment setup and migration should prevent the occurrence of the duplicate IM Admin Role entries that led to this issue or other issue.