RSA Identity Governance & Lifecycle startup fails with the following errors in the user interface:
Unable to initialize security model. com.aveksa.server.core.DuplicateNameException: Aveksa ADC The aveksa security application must be initialized first by the System Operations Node(SON). See documentation regarding server nodes and deployment.
The SON error is not the issue here. The issue is the error message:
This error indicates that when the startup is attempting to create an Aveksa Account Data Collector (ADC), one already exists. How can this happen?
There is a new application called Aveksa with associated collectors called Aveksa Account Data Collector (ADC) and Aveksa Entitlement Data Collector (EDC). These objects are part of the security model and should not be changed. However, these three objects (Aveksa Application, Aveksa ADC and Aveksa EDC) are modifiable and if modified in any way, RSA Identity Governance & Lifecycle will not start up.
Here is what happens:
The Aveksa application is defined by default and has an Aveksa ADC and EDC.
Every time RSA Identity Governance & Lifecycle starts, it checks to see if an Aveksa application exists which it normally does unless the application has been renamed.
If the application has been renamed, then the startup cannot find it. If RSA Identity Governance & Lifecycle cannot find the Aveksa application, it will automatically create a new Aveksa application and corresponding ADC and EDC. Because the existing Aveksa ADC and EDC were not renamed and still exist, the creation of new ones causes the duplicate error message and subsequent startup failure.
This issue is resolved in RSA Identity Governance & Lifecycle version 6.9.1. Starting in 6.9.1, the name of the Aveksa application cannot be changed.