000034202 - Unable to link Global Catalog (runtime identity source) to RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Nov 30, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000034202
Applies ToRSA Product Set : SecurID
RSA Product/Service Type : RSA Authentication Manager
RSA Version/Condition: 8.2
IssueAn administrator is seeing the following messages when attempting to link an external identity source to the Authentication Manager deployment.
The specified runtime identity source is not part of the realm to which this identity source belongs 
User-added image

Cannot link the runtime identity source because no administrative identity sources reference this runtime source
User-added image
CauseIf you link an Active Directory Global Catalog (known as a runtime identity source), you must also link each identity source that replicates user data to that Global Catalog (known as an administrative identity source).
ResolutionAn administrator must update the administrative identity source configuration. In the Active Directory Options, User Authentication must have Authenticate users to a global catalog selected where the appropriate Global Catalog is selected from the drop-down list for the administrative identity source.
An administrator can now link both the runtime and administrative identity sources are the same time to overcome these messages seen during the link procedure.
Please follow the steps below:
  1. Log on to the Security Console as a Super Admin.
  2. Click Setup > Identity Sources > Link Identity Source to System.
  3. From the list of available identity sources, select the runtime and administrative identity sources that you want to link.
  4. Click the right arrow to move the selected identity sources from Available to Linked.
  5. Click Save.