000037713 - Entitlement Views are Empty in RSA Identity Governance & Lifecycle after an attribute metadata import is followed by an upgrade to 7.1.1 P01

Document created by RSA Customer Support Employee on Jul 16, 2019Last modified by RSA Customer Support Employee on Jul 16, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000037713
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.1.1

IssueAfter upgrading RSA Identity Governance & Lifecycle 7.1.1 GA to 7.1.1 P01+, all entitlement views that previously displayed entitlements now show zero entitlements (items):

User-added image

The following error can be seen in the aveksaServer.log:

07/11/2019 15:31:04.494 WARN  (default task-4) [org.hibernate.engine.jdbc.spi.SqlExceptionHelper]
SQL Error: 904, SQLState: 42000
07/11/2019 15:31:04.496 ERROR (default task-4) [org.hibernate.engine.jdbc.spi.SqlExceptionHelper]
ORA-00904: "APP"."TECHNICAL_OWNER_NAME": invalid identifier

Please refer to article 000030327 - Artifacts to gather in RSA Identity Governance & Lifecycle to find the location of the log files for your specific deployment.
CauseA metadata import of custom attributes was done prior to the upgrade and one of the attribute names was Technical Owner.  This is a known issue reported in ACM-98888.

User-added image
ResolutionThere is no known resolution at this time. Please see the information below for a workaround.
A workaround is to rename all occurrences of the attribute name  Technical Owner to Technical Owner Name.

In the RSA Identity Governance & Lifecycle user interface,

  1. Go to Admin > Attributes > [Edit the Attribute Name Technical Owner and modify to Technical Owner Name ] > Click OK.
  2. You will get a Java exception error that may be safely ignored. To bypass the error, cancel out of the attribute editor and the change will be saved.

User-added image

  1. Now the entitlement view shows the expected list of entitlements (items):

User-added image

NOTE: You will not be able to filter on Technical Owner Name in certain scenarios. For example, the following screenshot is from a User Access Rule Definition. The error is similar to the Java exception error mentioned above, but this change cannot be saved.
User-added image