000017308 - How to remove LDAP DN information from tblUser when RSA Archer accounts are being deactivated because of a DN change in the source LDAP/AD

Document created by RSA Customer Support Employee on Nov 11, 2016
Last modified by RSA Customer Support Employee on Aug 5, 2017
Version 3

Article Content

Article Number: 000017308
Applies To: RSA Product Set: Archer
RSA Version/Condition: All
Issue: How do you remove LDAP DN information from tblUser when accounts are being deactivated due to a DN change from the source LDAP/AD?
Sample error from Failure Detail:
System.Exception: Selected user name (jdoe) is already in use with a different distinguished name (CN=Doe\, John,OU=US Users,DC=corp,DC=emc,DC=com). 
If you would like to update this user, delete the value for distinguished name in the Archer database and run the sync again.

Resolution: Perform the steps below.
  1. Go to Manage LDAP Configurations.
  2. Hover the mouse over the LDAP Configuration Name.
  3. Take note of the ID displayed in the lower-right corner.
  4. Run the following SQL command against the Instance database to clear the distinguished_name value for LDAP users. Replace # with the ID from step 3.
    UPDATE tblUser SET distinguished_name='' WHERE ldap_config_id = #
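
One way to run the step 4 command with a row-count check and a rollback path, as an added example that is not part of the original article or RSA's own script. It assumes Microsoft SQL Server (T-SQL); the ID value 42 and the backup table name tblUser_dn_backup are constructed placeholders.

```sql
-- Added example, not RSA's script. Assumes Microsoft SQL Server (T-SQL).
-- 42 is a constructed placeholder: use the LDAP configuration ID from step 3.
SET XACT_ABORT ON;  -- any runtime error rolls the whole transaction back

DECLARE @ldap_config_id INT = 42;
DECLARE @expected INT, @updated INT;

-- Keep a copy of the rows about to change so the old DN values can be
-- restored. tblUser_dn_backup is a hypothetical name; SELECT ... INTO
-- fails if the table already exists, which prevents overwriting a backup.
SELECT *
INTO tblUser_dn_backup
FROM tblUser
WHERE ldap_config_id = @ldap_config_id;

BEGIN TRANSACTION;

-- Count the rows tied to this LDAP configuration before changing anything.
SELECT @expected = COUNT(*)
FROM tblUser
WHERE ldap_config_id = @ldap_config_id;

-- The article's UPDATE, with the # placeholder replaced by a variable.
UPDATE tblUser
SET distinguished_name = ''
WHERE ldap_config_id = @ldap_config_id;

SET @updated = @@ROWCOUNT;

-- Commit only if the UPDATE touched exactly the rows counted above and
-- there was something to change; otherwise undo it.
IF @expected > 0 AND @updated = @expected
BEGIN
    COMMIT TRANSACTION;
    PRINT CONCAT('Cleared distinguished_name on ', @updated, ' row(s).');
END
ELSE
BEGIN
    ROLLBACK TRANSACTION;
    PRINT CONCAT('Rolled back: counted ', @expected,
                 ' row(s), UPDATE touched ', @updated, '.');
END
```

If the script reports zero rows, recheck the ID from step 3 before running the LDAP sync again.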

Legacy Article ID: a65106