000032831 - Done with exceptions error occurs when importing users with tokens into another identity source in RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Jan 8, 2020
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000032831
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
IssueExporting users with tokens from the internal database and importing them into an external identity source causes the following error to display on the Export/Import Status page:
 
Done with Exceptions

 

User-added image



In the system log report, the following message displays:
 


com.rsa.common.DuplicateDataException: Principal with userid already exists in realm: Tester,
at com.rsa.ims.admin.impl.PrincipalAdministrationImpl$9.run(PrincipalAdministrationImpl.java:6084),
at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113),
at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439),
at com.rsa.security.SecurityContext.doAsSystem(SecurityContext.java:474),
at com.rsa.ims.admin.impl.PrincipalAdministrationImpl.checkforMultipleUsersWithSameUserid(PrincipalAdministrationImpl.java:6040),
at com.rsa.ims.admin.impl.PrincipalAdministrationImpl.trustedRegister(PrincipalAdministrationImpl.java:2953),
at com.rsa.ims.admin.impl.PrincipalAdministrationImpl.register(PrincipalAdministrationImpl.java:2867),
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method),
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39),
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25),
at java.lang.reflect.Method.invoke(Method.java:597),
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309),
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:196),
at com.sun.proxy.$Proxy108.register(Unknown Source),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl$AddUserAndTokensInTransaction.a
(ExportImportManagerImpl.java:150),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl$AddUserAndTokensInTransaction.a
(ExportImportManagerImpl.java:155),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl$AddUserAndTokensInTransaction.doInTransaction
(ExportImportManagerImpl.java:362),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl$AddUserAndTokensInTransaction.doInTransaction
(ExportImportManagerImpl.java:314),
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:130),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl.a(ExportImportManagerImpl.java:849),
at com.rsa.authmgr.internal.admin.exportimport.impl.ExportImportManagerImpl.importDataFromFile(ExportImportManagerImpl.java:522),
at com.rsa.authmgr.internal.admin.exportimport.impl.batchjob.ImportUsersAndTokensBatchJobRunnerImpl.peformImport
(ImportUsersAndTokensBatchJobRunnerImpl.java:15),
at com.rsa.authmgr.internal.admin.exportimport.impl.batchjob.AbstractImportBatchJobRunner.startBatchJob
(AbstractImportBatchJobRunner.java:60),
at com.rsa.ims.batchjob.impl.BatchJobTXEngine$4.run(BatchJobTXEngine.java:453),
at com.rsa.ims.batchjob.impl.BatchJobTXEngine$4.run(BatchJobTXEngine.java:1),
at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113),
at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439),
at com.rsa.ims.batchjob.impl.BatchJobTXEngine.runBatchJob(BatchJobTXEngine.java:439),
at com.rsa.ims.batchjob.impl.BatchJobTXEngine.execute(BatchJobTXEngine.java:358),
at com.rsa.ims.batchjob.impl.JobRunner.run(SimpleBatchJobLauncher.java:99),
at org.springframework.scheduling.commonj.DelegatingWork.run(DelegatingWork.java:62),
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:184),
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256),
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)



 
CauseDuplicate users are detected in both the internal database and the external identity source into which the users are being imported.
Resolution

Before continuing, take a backup of the database from the Operations Console (Maintenance > Backup and Restore > Backup Now). The backup can be deleted once there is confirmation that the steps were completed successfully.


The users in the export group must be deleted from the internal database before they are imported.

  1. GoLogin to the Security Console.
  2. Navigate to Administration > Export/Import Tokens and Users > Download Encryption Key.
  3. Go to Administration > Export/Import Tokens and Users > Export tokens and users.
  4. Go to Identity > Users > Manage Existing and delete the users that are being exported.
  5. Go to Administration > Export/Import Tokens and Users > Import tokens and users.

It should work correctly now.

 

Attachments

    Outcomes