We're reviewing the XPSSweeper report, we've been reviewing theobjects appearing as duplicated with IDM, as all of them are usedwhen integrating IDM with SSO. These objects seem to be properties ofa User Directory (Container, paging, stickiness, etc), which arerelated to a UD. When IDM is integrated with SSO, creating a UserDirectory in IM creates a matching User Directory in SM Policy Servertoo.
There are object that are duplicated :
Object ID: CA.SM::IMSAdditionalProperties@21-de3b50b1-83ad-46fc-82d2-7d1afb355cd7Object Name: DIRECTORY_SERVER_STICKINESSObject Path: IMSAdditionalPropertiesSet[32-377cc592-1ad6-4be4-8684-22bde8de8285] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS]Object Description:
Object ID: CA.SM::IMSAdditionalProperties@21-4f5b061e-68a5-40ce-b8b2-deed410d61d9Object Name: DIRECTORY_SERVER_STICKINESSObject Path: IMSAdditionalPropertiesSet[32-aa27a1b1-0f4c-4120-aa5d-df239eb8f212] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS]Object Description:
How can we solve this ?.Resolution:
You should then verify if these are all referring to the same UserDirectory object (as we should only have one of each then), or ifthese are old “orphan” directory objects in the Policy Store.
You should verify if these objects pertain to an existing UserDirectory, and remove the duplicated objects accordingly. For this youcan use the XPSExplorer tool, and check the current IDM UserDirectories to see if they are orphan or duplicated and can bedeleted, which can be done from the XPSExplorer tool itself.
This should be solved by renaming the affected objects but we shouldneed to confirm with IDM team if this can be done, even if it is doneonly for the upgrade process and later corrected. So, for example,renaming the following:
CA.SM::IMSAdditionalProperties@21-de3b50b1-83ad-46fc-82d2-7d1afb355cd7Object Name: DIRECTORY_SERVER_STICKINESS to: Object ID:
CA.SM::IMSAdditionalProperties@21-de3b50b1-83ad-46fc-82d2-7d1afb355cd7Object Name: DIRECTORY_SERVER_STICKINESS-InternalApp And the same with
the other 8 duplicities found.
This would solve the issue on CA Single Sing-On side, but as mentioned we need toconfirm first if this could break any functionality on IDM, and if no,you can rename them and proceed.
KB : KB000099528