Article ID: 129677, created on Oct 24, 2016, last review on Oct 24, 2016

  • Applies to:
  • Operations Automation 6.0

Symptoms

migrate_from_sso.py execution ends successfully for a specific account, but it does not appear to be mirated from SSO to local logins: repeated check via pim_sso_list.py shows that account is not migrated. Check in database reveals particular users (staff members or service users) that are still persist in SSO:

plesk=# select user_id,scope_id,member_id,type,login from users u JOIN identities i ON (i.identity_id = u.auth_identity_id) JOIN external_systems s ON (i.system_id = s.system_id) JOIN external_system_plugins p ON (s.plugin_id = p.plugin_id) WHERE p.name = 'APS_PIM';

 user_id | scope_id | member_id |     type     |            login
---------+----------+-----------+--------------+------------------------------
    8446 |  1006868 |   1005564 | member       | RichardBroun
    8447 |  1006869 |   1005565 | member       | RachelElizabeth
    9511 |  1006876 |           | service user | user1@example.deleted
    9513 |  1006876 |           | service user | user2@example.deleted

Other accounts are processed correctly. The script does not produce any errors.

Cause

Corrupted or inconsistent user resources. In particular, discrepancy could occur between login field in APS resource of user and APS resource of SSO-user identity. In this case user account will not be matched with its SSO identity because script will search case sensitive login, that it obtained from request GET https://192.168.133.12:6308//aps/2/resources/{ACCOUNT_UID}/users earlier.

Resolution

Either delete users, obtained from select above in this article, or, if that is not possible, contact Odin technical support for workaround.

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07 956c448bddc7e1f3585373687602379f 6f1456866eed87488c0f02b298a741c0

Email subscription for changes to this article
Save as PDF