Updating an existing user attribute to required fails in VMware Identity Manager

Article ID: 439031

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

In a preconfigured Directory in VMware Identity Manager, attempting to mark any Default Attributes field as required fails with the following error message:

Cannot create a required user attribute or change an existing attribute to required.

Environment

VMware Identity Manager 3.3.x

Cause

This issue occurs when an existing directory has already been created and synchronized. By design, once directories have been set up and synced, the system restricts the ability to change Default user attributes to required attributes to prevent synchronization conflicts.

Resolution

To resolve this issue, the existing directory must be temporarily removed to allow the attribute modification.

Note: Ensure you take snapshots of all VMware Identity Manager 3.3.7 nodes without memory before making any changes.

Steps:

  1. Log in to the VMware Identity Manager 3.3.7 administration console.
  2. Navigate to Identity & Access Management > Directories.
  3. Document your existing directory configuration settings for later use. Ensure you have the Bind user password for reconfiguring the Directory in a later step. (Test the connection with the Bind user password to confirm the credentials.)
  4. Delete the existing Directory.
  5. Navigate to Identity & Access Management. Go to Setup, click the User Attributes tab, and configure the desired attribute (e.g., email, phone) as a required field.
  6. Recreate and synchronize your directory using the documented settings.