rsa Cannot add or manage a user with user ID com.rsa.common.InvalidArgumentException: Duplicate user ID. - Help needed
You had some information in your screen shots that would be considered Personally Identifiable Information (PII) that we recommend not making visible in a public forum such as this. I have removed your screen shots and redacted some information. Here are some
* * *
I have an issue with a user's account. It seems that someone may have changed the AD username and changed it back to what it was, but the damage is done. I'm now just trying to delete the user from RSA to allow them to be setup again
The user is <user_name>.
I found her token in the database but it is assigned to an <UNKNOWN> user.
I have tried doing the LDAP Query within Deployment Configuration > Identity Sources > Manage Exiting > OurDomain > MAP with the Query (&(objectClass=User)(objectcategory=person)(!(samAccountName=<user_name>))), but when I did the Setup -> Identity Sources -> Clean Up, I got nothing.
I've tried deleting to user but no joy. What can I do please ?
I have moved your question to the SecurID discussion forum where it will be seen by our engineers and other Authentication Manager users.
- When you ran the cleanup, was the checked option about the grace period checked or no?
- Have you tried the steps outlined in this article on being unable to unassign RSA SecurID token or assign token to another user in RSA Authentication Manager Security Console?
The first thing you need to do is search across all identity source. In you screenshot you will see a a link below the Search button.
put your end user's user ID in the fourth line and see if there are any other instances for that user ID.
Second thing to look for in Setup -> Identity Sources ->Link and see if you have any unlinked identity sources. If you do. Link them back then try doing the cleanup
After loggin in here to access this portal, when I click on the link, I get brought into another logon for which, when I re-enter my creds, I get an "Unsuccessful logon." error
Just a further update, when I go into Assigned Tokens, and sort alphabetically, I can see the token for the user with "<Unknown>" in the Assigned To field, in exactly the line where the user should be if their name was still there and working
When you see <Unknown> like that. That is a user that is no longer resolvable. if you go to the CLI /opt/rsa/am/rsapgdata/log/ you will see the postgres (db) logs. open todays log. This log file will give you an indication of who the token is assigned to.