Symantec IGA

Expand all | Collapse all

In IM Management console importing RoleDefinitions.xml  fails

Jump to Best Answer
  • 1.  In IM Management console importing RoleDefinitions.xml  fails

    Broadcom Employee
    Posted 04-09-2018 02:26 PM

    In IM Management console importing RoleDefinitions.xml  fails with the below error  message. Does anybody come across this issue?  Please let me know the resolution.

     

    Warning: Updating the IdentityMinder environment "identityEnv"
    Deploying role definitions...
    Importing Screens...
    Error: java.lang.NullPointerException
    at com.netegrity.llsdk6.imsimpl.provider.ProvisioningPolicyProviderImpl.getAccountContainer(ProvisioningPolicyProviderImpl.java:644)
    at com.netegrity.llsdk6.imsimpl.provider.ProvisioningPolicyProviderImpl.findProvisioningPolicy(ProvisioningPolicyProviderImpl.java:254)
    at com.netegrity.imsconfig.utils.UseCaseElementRelationshipUtils.populateProvisioningRoleRelationships(UseCaseElementRelationshipUtils.java:83)
    at com.netegrity.imsconfig.model.environment.TemplateObjectModel.persistObject(TemplateObjectModel.java:385)
    at com.netegrity.imsconfig.model.ObjectModelManager.persistObjects(ObjectModelManager.java:533)
    at com.netegrity.imsconfig.ImsConfig.config(ImsConfig.java:352)
    at com.netegrity.ims.manage.api.AbstractDeployer.runImsConfig(AbstractDeployer.java:295)
    at com.netegrity.ims.manage.api.AbstractDeployer.runImsConfig(AbstractDeployer.java:222)
    at com.netegrity.ims.manage.api.RoleDeployer.deploy(RoleDeployer.java:48)
    at com.netegrity.ims.manage.bean.ConfigToolJob.deployRoles(ConfigToolJob.java:874)
    at com.netegrity.ims.manage.bean.ConfigToolJob.deployRoles(ConfigToolJob.java:753)
    at com.netegrity.ims.manage.bean.ConfigToolJob.run(ConfigToolJob.java:242)
    at java.lang.Thread.run(Thread.java:745)



  • 2.  Re: In IM Management console importing RoleDefinitions.xml  fails
    Best Answer

    Posted 04-10-2018 11:13 AM

    I would suggest you check to make sure that the system where you are importing the Roles XML has all the same RoleDef imported and has any custom Role Def jars too. If there are any custom LAH referenced in the screens you would want to make sure that it is also on the new system.

     

    You could also try to import just the screens defined in the Roles XML by putting them into a smaller XML file and perhaps try some screens at a time to try to determine which is causing an error.

     

    If further assistance is needed I would suggest opening a support case.



  • 3.  Re: In IM Management console importing RoleDefinitions.xml  fails

    Posted 04-10-2018 02:14 PM

    Support case 01009128 has been opened



  • 4.  Re: In IM Management console importing RoleDefinitions.xml  fails

    Posted 05-22-2018 03:38 AM

    I'm also experiencing this error; Environment created with plain version CA IDM 14.1, then exported with CA IDM 14.1 CP04 and reimported again ended up with the same error you are experiencing.

     

    2018-05-21 17:37:39,632 DEBUG [ims.idmmanage] (Thread-523) java.lang.NullPointerException
    com.netegrity.llsdk6.imsimpl.provider.ProvisioningPolicyProviderImpl.getAccountContainer(ProvisioningPolicyProviderImpl.java:644)
    com.netegrity.llsdk6.imsimpl.provider.ProvisioningPolicyProviderImpl.findProvisioningPolicy(ProvisioningPolicyProviderImpl.java:248)

     

    i've been able to nail it down to Rules containing Provisioning Roles with Account Template and Endpoint Type specified in the rule such as:

     

    <ImsRole name="Portale Intranet RL - SRE" roletype="PROVISIONING" ....>
    <AdminPolicy assignable="true" adminassignable="false">
    <imsrule:MemberRule><RoleMember><AdminRole name="System Manager"/></RoleMember></imsrule:MemberRule>
    <imsscope:ScopeRule object="USER" purpose="*"><All/></imsscope:ScopeRule>
    </AdminPolicy>
    <OwnerPolicy>
    <imsrule:MemberRule><RoleMember><AdminRole name="System Manager"/></RoleMember></imsrule:MemberRule>
    </OwnerPolicy>
    <AccountTemplate name="Intranet_Portal_AT" endpointType="Intranet_Portal_2018"/>
    </ImsRole>

     

    Whats more odd, if i try to create the provisioning role using the Console i get the error

    Error: Portale Intranet RL - SRE is a duplicate. Please rename.

    I've checked everywhere, even on the objectstore and there is no such named object.

    If i rename it, it works, using the console, but still no way to make it works using the import roles through the management console.

     

    Never experienced these errors before, probably software bug added on CP04 or previous release ?