Why do I see Orphaned Users in EEM?

book

Article ID: 49681

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

Description:

Why do I see Orphaned Users in EEM? How do they become orphaned?

Solution:

An orphaned user is an application user whose corresponding global user does not exist in the directory (MDB or external). A user can become orphaned under the following circumstances:-

  • When EEM is connected to CA-MDB:

    • When we add an application user and then switch EEM to connect to an external LDAP directory where the user does not exist in that.

    • When we manually delete the user but do not delete its application details from the MDB.

  • When EEM is connected to an External Directory:

    • When we add an application user and then switch EEM to connect to the CA-MDB where the user does not exist in that.

    • When we manually delete the user from the External Directory (LDAP), but do not delete its application details.

This happens because application user details are always stored in the MDB, irrespective of whether the EEM user store is the CA MDB or an external LDAP directory. So, when we switch references in EEM, the application details can be accessed in both the cases. However, the "global user", which the application details are referring to, might not exist in both the directories. So when we switch the reference in EEM, if the global user cannot be found in the new directory, then the user becomes orphaned.

Environment

Release:
Component: ARGIS