Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000033669 - RSA Archer 5.x LDAP Synch completes, but Failure Detail has strange exception at the end

Document created by RSA Customer Support

on Aug 5, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 1 Like1
Comment • 0
View in full screen mode

Article Content

Article Number	000033669
Applies To	RSA Product Set: Archer RSA Version/Condition: 5.x
Issue	After LDAP Synch completes, the Failure Detail log file has strange error at the end. ArcherTech.Common.Exceptions.ValidationMessageException: ArcherTech.Common.Validation.ValidationMessage 7/14/2016 12:40:35 PM ArcherTech.Common.Exceptions.ValidationMessageException: ArcherTech.Common.Validation.ValidationMessage
Cause	The LDAP Synch is unable to delete an LDAP Group because the LDAP Group is assigned to a Record Permissions or Users/Groups List field in a Content Record.
Resolution	Steps are from KB 33667: When deleting a Group in RSA Archer, a warning occurs: The group contains a dependency to content. Run the following SQL command against the Instance database to find the Content Records. Update the WHERE clause in the SQL command below with the Group Names linked to Content Records. SELECT mt.module_name AS ModuleName, c.content_id AS ContentId, ft.field_name AS FieldName, g.group_name AS GroupName FROM tblIVGroupContent gc WITH(NOLOCK) JOIN tblGroup g WITH(NOLOCK) ON gc.group_id=g.group_id JOIN tblIVFieldDef fd WITH(NOLOCK) ON gc.field_id=fd.field_id JOIN tblIVContent c WITH(NOLOCK) ON gc.content_id=c.content_id JOIN tblModule m WITH(NOLOCK) ON c.module_id=m.module_id JOIN tblModuleTranslation MT WITH(NOLOCK) ON MT.module_id = m.module_id JOIN tblFieldTranslation ft WITH(NOLOCK) ON fd.field_id = ft.field_id WHERE g.group_name IN ('Group A', 'Group B', 'Group C') ORDER BY ModuleName, ContentId The SQL command will return the Module Name, Content Id, Field Name, and Group Name for a list of Content Records. For each Content Record, remove the Group from the field. Once the Group in no longer linked to Content Records, the Group can be deleted. If the field is a Record Permissions field using the Inherited Permissions Model, check the Record Permissions field(s) it inherits from to find the proper field to remove the Group from.
Notes	A defect was logged as ARCHER-25012: LDAP Synch exception in Failure Detail: ArcherTech.Common.Exceptions.ValidationMessageException: ArcherTech.Common.Validation.ValidationMessage Enhancement request logged as ARCHER-22075: Add ability to identify Content Records where a Group has been assigned. Contact Archer Support to open a case and add your company to the enhancement request.

Attachments

Outcomes

0 Comments

Recommended Content