Revoking "Future Grant" Entitlements Throws "IAM-4060050" Error
(Doc ID 2473854.1)
Last updated on AUGUST 07, 2020
Applies to:
Identity Manager - Version 11.1.2.0.0 and laterIdentity Manager Connector - Version 11.1.1.5.0 and later
Information in this document applies to any platform.
Symptoms
If running OIM 11.1.2.X.X or OIG 12.2.1.3.X and you have either 11g Connectors which are patched with any patches listed in KM Note 2317822.1 or any 12c connectors, if you try to revoke a "Future Grant" Entitlement for a user it will fail with the following error in the UI:
And you'll see an error in the OIM standard output/error log for removeChildTableValue API where it states the entitlement value being removed from the target does not exist on the target. An example log entry for an OUD 12c connector is:
<ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000>
<oracle.iam.connectors.icfcommon.prov.ICProvisioningManager :
removeChildTableValue : Error while updating user
org.identityconnectors.framework.common.exceptions.ConnectorException:
Exception Occurred while removing member to group : [LDAP: error code 16 -
Entry cn=TestRole1000,ou=Groups,dc=example,dc=com cannot be modified because
the attempt to update attribute uniqueMember would have removed one or more
values from the attribute that were not present:
uid=testuser4,ou=People,dc=example,dc=com]
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |