Account and Identity collection related jobs are failing in after a Role membership rule changes in RSA Governance & Lifecycle
2 months ago
Originally Published: 2024-05-01
Article Number
000072174
Applies To
  • RSA Product Set:  RSA Governance & Lifecycle
  • RSA Version/Condition: 8.0.0 P01 HF01
Issue

Identity and Account Collection jobs are failing with the below error in aveksaServer.log 

03/27/2024 16:01:03.172 INFO  (Exec Task Consumer#1 - Main) [com.aveksa.server.db.persistence.PersistenceServiceProvider] executeCallableStatement giving up after hitting SQLException: ORA-01861: literal does not match format string
ORA-06512: at "AVUSER.UNFC_PROCESSOR", line 66
ORA-06512: at "AVUSER.ROLE_MANAGEMENT_PKG", line 2482
ORA-06512: at "AVUSER.ROLE_MANAGEMENT_PKG", line 2482
ORA-06512: at "AVUSER.ROLE_MANAGEMENT_PKG", line 9941
ORA-06512: at "AVUSER.UNFC_PROCESSOR", line 291
ORA-06512: at "AVUSER.UNFC_PROCESSOR", line 41
ORA-06512: at line
 
 
 
Cause

An ORA-01861 error message which is caused by using a string instead of a correct date format in the advanced tab of the Role Membership Rule:

image.png

image.png



 

Resolution

Obtain a full list of all the roles and look for the potential use of incorrect data types (eg: strings for date column) in the Role membership rule.
To do this, use the below SQL query to inspect for columns that look like they might be related to dates.

Sqlplus or SQL Developer could be used to execute the below query.

Execute as Oracle AVUSER or equivalent against the G&L Oracle database used as the application datastore.
 

select name, user_constraint, creation_date from T_AV_ROLES;

Check to see if there are any incorrect values in the user_constraint column.

Things to look for are SQL related issues similar to the one highlighted in this knowledge base article. (eg: use of strings for date table columns)



 

Notes
A reference for a correct membership rule:

image.png

Related Articles

Trending Articles

Don't see what you're looking for?