Error in Entitlements Manager (AdminGUI)

This property already exists.

Error in eserver standard output:

sirrus.da.exception.DuplicateEntryException: Cannot create attributes with reserved name.
        at sirrus.da.ldap.admin.LDAPPropertyDefinition.persistToStore(LDAPPropertyDefinition.java:553)

 
Attempted to make one of the following reserved attributges an Access Manager User Property:

uid
postalcode
sn
userpassword
mail
dn
userPrincipalName
description
ctscFailedLoginCount
ctscUserKeywords
ctscUserKeywords
ctscUserKeywords
ctscPasswordHistory
ctscPasswordCreationDate
cn
uniquemember
description
ctscAdministrativeGroupName
uniquemember
ctscPrivateMemberList
ctscPublicMemberList
dlmDescription

In some instances customers may want to define the reserved user attributes as user properties for export in the http headers. The following work around describes a method of bypassing this restrictions. Customers should ensure that when creating user properties based on reserved attributes that the user properties are always defined as read only. Under no circumstances should these user properties be edited in the entitlements managers. Doing so may cause datastore corruption.

Identify the ldap.conf file setting for the attribute map corresponding to the user attribute you wish to add. For example to add givenName as a user property.

cleartrust.data.ldap.user.attributemap.firstname :givenname

Modyif the ldap.conf file setting and temporarily assign it to a dummy attribute that is not on the reserved attribute list.

cleartrust.data.ldap.user.attributemap.firstname :postalcode

Restart the eserver.  (Ensure that no other administration is being done at the same time.)

Create your custom user property based on the reserved attribute givenName.

Revert the changes in your ldap.conf file back to the original

cleartrust.data.ldap.user.attributemap.firstname :givenName

Restart the eserver.