000031003 - "Duplicate User ID" Error when running All Users report in Authentication Manager 8.1

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031003
Applies ToRSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  8.1
Issue
  • Receiving the error "Error: Duplicate User ID" when running the All Users report.
  • Running the Clean Unresolvable Users job results in the message “No unresolvable users were found.”
  • No details about duplicate user IDs are displayed in the System Log, in the Administration Activity log or in /opt/rsa/am/server/logs/imsTrace.log.
Resolution 
  1. Open the Operations Console and navigate to Administration Download Troubleshooting Files and follow the on screen directions to generate and download a set of troubleshooting files from the Authentication Manager server.
  2. Extract the files in the downloaded zip file to a local directory. Navigate to /opt/rsa/am/Authentication Manager Logs/rsapgdata/pg_log/postgres_<datestamp of the latest available log file>
  3. The following two errors will be in this file:
2015-08-17 17:40:37.533 GMT [unknown] rsa_user 55d2174c.7aeb 2/452177 1772964 ERROR:  duplicate key value violates unique constraint "ak_ims_principal_isrcid_uid"
2015-08-17 17:40:37.533 GMT [unknown] rsa_user 55d2174c.7aeb 2/452177 1772964 DETAIL:  Key (loginuid, identity_src_id)=(bbishopold, 4ff5015e2906110a01cd65e1a048624b) already exists.

In the above example, the duplicate user ID is bbishopold.

 

After determining the duplicate user(s), please follow the steps below:
  1. From the Operations Console go to Deployment Configuration > Identity Sources > Manage Existing.  Edit the identity source to which the user belongs.
  2. Click on the Map tab.
  3. Change the Search Filter from (&(objectClass=User)(objectcategory=person)) to (&(objectClass=User)(objectcategory=person)(!(samAccountName=<user_id>))) where <user_id> is the duplicated user found in logs.  Based on the log output above it will be (&(objectClass=User)(objectcategory=person)(!(samAccountName=bbishopold))).
  4. Click on Save.
  5. Now go to Security Console > Setup > Identity Source > Clean Up Unresolvable Users.
  6. After the cleanup is complete, go back to the Operations Console under Deployment Configuration > Identity Sources > Manage Existing and edit the identity source again to revert the Search Filter back to (&(objectClass=User)(objectcategory=person)).
  7. Click on Save.
Run the All Users report to confirm it runs successfully.
 

Attachments

    Outcomes