Adding trusted realm in RSA Authentication Manager 8.1 SP1 fails with an error: "The trust is not unique. Either the trust package has already been imported under another name, or the name ace0stl0 has already been used."
Originally Published: 2018-06-22
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1 SP1 and higher
Issue
ERROR [[ACTIVE] ExecuteThread: '18' for queue: 'weblogic.kernel.Default (self-tuning)']
GUILog.traceException(587) | exception: com.rsa.command.exception.DuplicateDataException:
ERROR: duplicate key value violates unique constraint "ak_ims_trusts"
Detail: Key (owner_id, deployment_uuid, external_realm_name)=(000000000000000000001000e0011000,
832339bc-df9e-4ff3-b8cd-40f7ef40897f, SystemDomain) already exists.
(000000000000000000001000e0011000, 832339bc-df9e-4ff3-b8cd-40f7ef40897f, SystemDomain)
key is already present in the table ims_trusts.
The trust is not unique. Either the trust package has already been imported under another name, or the name <realm_name> has already been used.
Cause
Resolution
To correct the issue,
- How to connect to SQL in RSA Authentication Manager 8.x
- At step 3 in the instructions, enter the following command on the primary for Realm 1:
db=# SELECT * FROM ims_config_value WHERE name='ims.deployment.uuid';
id | instance_id | name | value
----------------------------------+------------------+---------------------+--------------------------------------
5a5f17b966e69a0a1a917ab6685884a8 | 0000-Global-0000 | ims.deployment.uuid | 90b5dfbc-6622-4398-aa18-e70aa3671151
(1 row)
- On the replica for Realm 2,
db=# SELECT * FROM ims_config_value WHERE name='ims.deployment.uuid';
id | instance_id | name | value
---------------------------------+------------------+---------------------+--------------------------------------
8627add62fe39a0a010f95c16788a864 | 0000-Global-0000 | ims.deployment.uuid | 832339bc-df9e-4ff3-b8cd-40f7ef40897f
(1 row)
-
On the primary for Realm 2,
db=# SELECT * FROM ims_config_value WHERE name='ims.deployment.uuid';
id | instance_id | name | value
---------------------------------+------------------+---------------------+--------------------------------------
8627add62fe39a0a010f95c16788a864 | 0000-Global-0000 | ims.deployment.uuid | 832339bc-df9e-4ff3-b8cd-40f7ef40897f
(1 row)
Notice that the UUID for the replica in Realm 1 and the primary in Realm 2 are the same. This is the reason why the insertion of a trusted realm fails. Make sure that each server has a unique UUID.
Workaround
Related Articles
Upgrade fails with "A newer version of RSA Identity Governance and Lifecycle has already been installed" Number of Views Trusted Network policy attribute does not work correctly with applications configured after disabling Identity Confidence … Number of Views Importing a token via CT-KIP fails indicating that the token already exists Number of Views Enable RSA Authenticator App Users to Access Resources Protected by RSA Authentication Manager 8.4 Patch 3 and Earlier Number of Views RSA Identity Management and Governance 6.9.1 installation fails while installing JDK with error "tar: /tmp/aveksa/packages… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
