We're running XPSExport command, and this one fails with error :
"Unable to read attribute "CA.SM::<Object Class>.<AttributeName> of Object"
How can we fix this ?
The object has an attribute which is essentially a link to another
object. That attribute is populated with an object XID which doesn't
exist in the Policy Store.
To illustrate :
Unable to read attribute
The XID of the object is
This object class has an attribute named "UserPolicyLink"
This attribute would normally be populated with the XID of a
In this case, the attribute is empty. In some cases, it might occur
that this attribute has been populated with an XID which doesn't
exist. In either case it will need to be fixed in order for the
XPSExport to complete successfully.
All Policy Server versions;
All Policy Store versions;
Use XPSExplorer to Delete the Object :
1. Run XPSExplorer and review the XID of the object
Verify whether the 'UserPolicyLink' attribute is populated. If so,
search for that XID. If the field is empty or the XID does not
exist, then the object will need to be removed;
2. Attempt to delete the object in XPSExplorer;
3. If the object cannot be deleted in XPSExplorer we will need to
delete the object manually;
Manually Delete the Object :
1) Execute an LDIF export of the policy store using the 3rd party
LDAP tools provided by the LDAP Vendor;
2) Locate the XID of the object. Record the Distinguished Name (DN);
3) Locate the XPSNumber of the object :
4) Delete the DN's manually;