000034366 - Principal Not Found error in RSA Authentication Manager Bulk Administration (AMBA)

Document created by RSA Customer Support Employee on Nov 21, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000034366
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager Bulk Administration
 
IssueWhen running the Authentication Manager Bulk Administration (AMBA) utility the error is reported in the AMBA log:
Failure:<date and time> : ................... return: Principal Not found

Despite the error, the user exists in the Authentication Manager Security Console and can be managed.
CauseThe user's security domain is not the default security domain or the user is not in the default identity source (that is, the internal database) AND the AMBA input command does not explicitly specify the security domain or identity source.
AMBA will only search for users in the default security domain (i. e., SystemDomain) and in the internal database if no specific domain or identity source is defined in the command input file.
ResolutionModify the offending command:
  • For specifying a security domain, add the field SecurityDomain in the header for the security domain information.
  • For specifying an identity source, add the field named IdentitySource in the header for the identity source information.
As an example: when using the AP action (Assign Radius Profile), the user named Anthony is in  security domain named TestDomain and in the MyCompanyAD identity source.  The AMBA command would be as follows:
Action,DefLogin,ProfileName,SecurityDomain,IdentitySource 
AP,anthony,CISCO,TestDomain,MyCompanyAD
NotesThis issue would apply for all user and token related commands.
If the objects are not in the default security domain or identity source, then the command must explicitly define these parameters.

Attachments

    Outcomes