Article Number
000034366
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager Bulk Administration
Issue
When running the Authentication Manager Bulk Administration (AMBA) utility the error is reported in the AMBA log:
Failure:<date and time> : ................... return: Principal Not found
Despite the error, the user exists in the Authentication Manager Security Console and can be managed.
Cause
The user's security domain is not the default security domain or the user is not in the default identity source (that is, the internal database) AND the AMBA input command does not explicitly specify the security domain or identity source.
AMBA will only search for users in the default security domain (i. e., SystemDomain) and in the internal database if no specific domain or identity source is defined in the command input file.
Resolution
Modify the offending command:
- For specifying a security domain, add the field SecurityDomain in the header for the security domain information.
- For specifying an identity source, add the field named IdentitySource in the header for the identity source information.
As an example: when using the
AP action (Assign Radius Profile), the user named Anthony is in security domain named
TestDomain and in the MyCompanyAD identity source. The AMBA command would be as follows:
Action,DefLogin,ProfileName,SecurityDomain,IdentitySource
AP,anthony,CISCO,TestDomain,MyCompanyAD
Notes
This issue would apply for all user and token related commands.
If the objects are not in the default security domain or identity source, then the command must explicitly define these parameters.
