Skip to Content
avatar image
Former Member

Error when submitting GRC request from IDM

Hello GRC gurus,

We were running into an issue when trying to set up our IDM - GRC integration; when submitting a request to GRC via the AC Validation task the "Submit AC Request" task always encounters an error, but in spite of which the request still gets created on the GRC end; weirdly enough, 2 requests get created each time:<br>

putNextEntry failed storingcn=TESTUSER,ou=submitrequest,o=grc

Exception from Add operation:javax.naming.CommunicationException: [LDAP: error code 2 - (GRC Submit Request:2:oracle.jdbc.driver.OracleDriver)]; remaining name 'cn=TESTUSER,ou=submitrequest,o=grc'

<br>

On the GRC end we noticed that we are getting the following error:<br>

2011-12-05 20:21:32,046 [SAPEngine_Application_Thread[impl:3]_30] ERROR com.sap.security.api.NoSuchUserAccountException: Cannot find user when logonid is null!
com.virsa.ae.service.umi.UMIException: com.sap.security.api.NoSuchUserAccountException: Cannot find user when logonid is null!
	at com.virsa.ae.service.umi.ume.UMESearchUser.getUserById(UMESearchUser.java:304)
	at com.virsa.ae.search.bo.SearchUserBO.getUserById(SearchUserBO.java:198)
	at com.virsa.ae.ejbutil.submitrequest.RequestSubmissionBean.submitRequest(RequestSubmissionBean.java:564)
	at com.virsa.ae.ejb.submitrequest.SubmitRequestEJBBean.getSubmitRequest(SubmitRequestEJBBean.java:45)
	at com.virsa.ae.ejb.submitrequest.SubmitRequestEJBObjectImpl0_0.getSubmitRequest(SubmitRequestEJBObjectImpl0_0.java:119)

2011-12-05 20:21:32,064 [SAPEngine_Application_Thread[impl:3]_30] ERROR com.virsa.ae.core.BOException:  Error in Searching Users... 
com.virsa.ae.core.BOException:  Error in Searching Users... 
	at com.virsa.ae.search.bo.SearchUserBO.getUserById(SearchUserBO.java:201)
	at com.virsa.ae.ejbutil.submitrequest.RequestSubmissionBean.submitRequest(RequestSubmissionBean.java:564)
	at com.virsa.ae.ejb.submitrequest.SubmitRequestEJBBean.getSubmitRequest(SubmitRequestEJBBean.java:45)
	at com.virsa.ae.ejb.submitrequest.SubmitRequestEJBObjectImpl0_0.getSubmitRequest(SubmitRequestEJBObjectImpl0_0.java:119)

As a result of this error GRC AC Submit request never completes successfully and so the polling task never starts, instead immediately the pending values are skipped and removed from the user in question.<br>

<br>

What are we supposed to set the User data source as within CUP? Is there something else we should be doing to fix this?<br>

<br>

Would greatly appreciate your help with trying to fix this!<br>

<br>

Thanks a lot in advance!<br>

<br>

Best regards,

Sandeep

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    avatar image
    Former Member
    Dec 06, 2011 at 04:27 PM

    Hi,

    There're some restrictions regarding GRC -IDM integration. What's your GRC version? What's your IDM Version? What system are you trying to provision to?

    Cheers,

    Diego.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Sandeep,

      Is nice to know that your problem has been solved. Thank you for sharing the solution with the community.

      Cheers,

      Diego.

  • Dec 06, 2011 at 04:14 PM

    Hi Sandeep,

    the general answer is: you need to use the user source that is able to find all the user IDs in your request.

    Probably LDAP via UME is your best choice.

    Frank.

    Add comment
    10|10000 characters needed characters exceeded