We installed the Role Reporting Module and migrated all of our objects
(users, groups, roles..) through the Data Collection Server.

I checked the DB with pgadmin and all the tabled contain data.

When I run the role assignation to users report, no data is returned.

I analysed the data in the DB more and found a problem:

The roles in the idmrpt_role table exists 2 times

The first role entry contains a tempguid as role_guid and not a lot of
information (no name, role level 99)

The second entry of the role contains all the informations (name,
description, correct role level etc..) and has a correct role_guid (the
guid which is also the association value in edir)

It seems to me the first entry was created to satisfy its dependencies
when migrating (the user had a role assigned which was not yet migrated
to the DCS Driver)

But the problem is the table containing all of the role assignment
information (idmrpt_idv_identity_trust ) references the roles with the
tempguid entry and not the real entry.

Am I missing something?

We are using Reporting Module patch E and the latest DCS-Driver

In our Test System this problem didn't appeared, only difference was the
initial import was done with a different version of the Reporting Module
and the DCS-Driver.

Kind Regards,

nickleloup's Profile: https://forums.netiq.com/member.php?userid=5862
View this thread: https://forums.netiq.com/showthread.php?t=51488