|Issue||Authentication Manager 7.1.4 and APP 3.0.4: Unable to link an AD ldap group to a restricted agent, "Operation failed because data was updated concurrently by another user. Reload data and try again"|
When trying to add an AD ldap group to a restricted agent, the following error appears:
There was a problem processing your request.
Operation failed because data was updated concurrently by another user. Reload data and try again.
|Cause||While the data could be legitimately locked in the backend identity source, in this instance, when the group in question has been dragged and dropped from one ou to another ou, the guid that the ldap group contains is incorrect, thus orphaning the guid in oracle. In this instance, the guid must be purged and recreated (this happens automatically when the old guid is removed).|
|Resolution||To check for this occurance, run the report "Users and user groups missing from the identity source" report (Reporting->reports->add new, locate the "Users and user groups missing from the identity source template, assigning the report an appropriate and unique name, and also selecting the AD identity source in question for criteria, then run the report). Once the report completes, look for the groups distinguished name that is causing issues, and compare it to the actual distinguished name in AD. If they differ, run the Identity source clean up job.|
To correct this issue, in the security console, select Setup->Identity Sources->Schedule cleanup, select all criteria to run the job, insuring to select the proper identity source where the Once the cleanup is complete, rerun the report to insure it does not appear on the orphaned guid report. Once cleared, you can add the group to the restricted agents access list.
|Legacy Article ID||a60126|