I cannot unassign a token with the user <unknown> - when I try it says Cannot add or manage a user with user ID com.rsa.common.InvalidArgumentException: Duplicate user ID. User IDs must be unique within an identity source. This user ID is already in use
One of our tokens shows the user <unknown> next to it. When I try to unassign it, it says:
Cannot add or manage a user with user ID com.rsa.common.InvalidArgumentException: Duplicate user ID. User IDs must be unique within an identity source. This user ID is already in use by a user in this identity source.
When I try to run a batch to clean up unresolvable users, the preview says there aren't any: "No unresolvable users were found"
We have 10 tokens, but can only use 9 at the moment until I can unassign this one and re-assign
Thanks in advance
Andy Smith - Redline
Hello Andy,
1) Can you please try performing the following:
In 8.1, Click Setup --> System Settings. Click Security Console Authentication Methods under Console and Session Settings
2) a) If the issue still persists, then please try the following:
Identity >> Users >> Manage Existing
At the bottom of the search bar >> Search for Users across Identity Sources and search for the userID
If you get more than 1 entry, then please delete one of them.
b) If Clean up does not remove unresolvable user, modify your LDAP Identity source mapping to exclude the user. If you had a user named Teresa.Kersten in your external Identity source whom you could not manage, or delete, you would change the User Map filter from
(&(objectClass=User)(objectcategory=person))
To
(&(objectClass=User)(objectcategory=person)(!(samAccountName=Teresa.Kersten)))
This goes in the External Identity Source Map in the Operations Console, under Users Filter.
Then remove or clean up any Teresa.Kersten that you could not remove before. When done, remove the filter in your LDAP map, changing it back to:
(&(objectClass=User)(objectcategory=person))
Thanks
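The temporary exclusion described in the reply above, as an added example that is not part of the original post or of any RSA tool: it builds the User Map filter with the account name escaped per RFC 4515, so a name containing `(`, `)`, `*` or `\` cannot change what the filter matches, and then restores the original. The function names are hypothetical; the base filter and account name are the ones quoted in the reply.

```python
# Added example; function names are hypothetical, not part of any RSA tool.
BASE_FILTER = "(&(objectClass=User)(objectcategory=person))"  # filter quoted in the reply

# RFC 4515: these characters must be hex-escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a literal value so it cannot change the filter's structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_single_filter(text):
    """True if text is one parenthesised filter with balanced parentheses."""
    depth = 0
    for i, ch in enumerate(text):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0 or (depth == 0 and i != len(text) - 1):
                return False
    return depth == 0 and text.startswith("(")


def exclude_users(base_filter, account_names):
    """Append one (!(samAccountName=...)) clause per name to an AND filter."""
    if not (base_filter.startswith("(&") and is_single_filter(base_filter)):
        raise ValueError("expected a single AND filter of the form (&...)")
    clauses = "".join(
        "(!(samAccountName=%s))" % escape_filter_value(name) for name in account_names
    )
    return base_filter[:-1] + clauses + ")"


def restore_filter(temp_filter, account_names):
    """Remove the clauses added by exclude_users, giving back the original."""
    for name in account_names:
        clause = "(!(samAccountName=%s))" % escape_filter_value(name)
        temp_filter = temp_filter.replace(clause, "", 1)
    return temp_filter


if __name__ == "__main__":
    temp = exclude_users(BASE_FILTER, ["Teresa.Kersten"])
    print(temp)
    print(restore_filter(temp, ["Teresa.Kersten"]))
```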
If the account change is < 7 days old, the user won't show up. Go to clean up users and uncheck the 7 day filter, and see if the user shows up.
Thanks Yomna,
The only duplicate users that appear are in different areas - internal database and AD server name, they are an IT admin user and show no tokens allocated against them.
Without a user name, I cannot try your other solution.
Andy
Hi Sean,
Thanks for your suggestion. Unfortunately nothing shows up when I untick the box.
It's a real problem as I cannot use this token....
Thanks
Andy
Hello Andy,
We will need to open a ticket on this issue in order to help with cleaning up unresolvable users and check the issue further if needed.
Best Regards,
Hussein is correct, you'd be better off opening a case to troubleshoot this. But if you are adventurous, I think the fix might involve looking at the internal database with a SQL command, and possibly finding a userID with the literal name of 'unknown' or blank or something like that, possibly two of them. Then deleting them. The KB you would follow is 000030005 - How to get an accurate count of active users. I'll try to attach it here.
Thanks Hussein,
We purchased our rsa-appliance through a third party - can I still open a case with RSA? How do I go about that?
Regards
Andy
Andy,
If you purchased maintenance through your vendor, you are able to open support cases. To open a case, you can call (800) 995-5095, option 3 or email support@rsa.com. You will need to provide your license or support contract number to open a case.
To find your license number, launch the Security Console and navigate to Setup > Licenses. Click View Installed Licenses. Click on the context arrow next to the License ID (LID) number. The license for your version of Authentication Manager will be listed on the upper left of the page. It will be an eight digit number starting with a 4 or 9 (for Authentication Manager 7.1) or 8 for Authentication Manager 8.x.
Regards,
Erica
