This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
andresgutierrez
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
‎2019-04-26 15:45
485 views

UserApp 4.7.1 - Child roles limited results visibility

Hello everyone,

We have a customer with a fresh, non-migrated IDM 4.7.1 installation. This customer has a huge role catalog, with more than 20.000 roles betyween roles 10-20-30, and of course there are also huge role relationships, both 30-20 and 20-10.

In the recent days, they sent us a concern about the UserApp platform: by looking a role 20 using any LDAP browser, the nrfChildRoles attribute shows the total list of child roles for that R20. But, by looking at the same role using the UserApp in the Roles Catalog, the child roles section shows only a fraction of the roles related to this R20.

Do you have any idea if this setting can be changed in order to show the total amount of child roles in this section of the UserApp?

Regards,

--
Andres Gutierrez
Security Solutions Consultant
Micro Focus HLA
Bogota DC - Colombia
Labels (1)
Labels
Tags (4)
0 Likes
Reply
Report Inappropriate Content
1 Reply
geoffc
Knowledge Partner Knowledge Partner
Knowledge Partner
‎2019-04-29 19:02

On 4/26/2019 10:46 AM, andresgutierrez wrote:
>
> Hello everyone,
>
> We have a customer with a fresh, non-migrated IDM 4.7.1 installation.
> This customer has a huge role catalog, with more than 20.000 roles
> betyween roles 10-20-30, and of course there are also huge role
> relationships, both 30-20 and 20-10.
>
> In the recent days, they sent us a concern about the UserApp platform:
> by looking a role 20 using any LDAP browser, the nrfChildRoles attribute
> shows the total list of child roles for that R20. But, by looking at the
> same role using the UserApp in the Roles Catalog, the child roles
> section shows only a fraction of the roles related to this R20.
>
> Do you have any idea if this setting can be changed in order to show the
> total amount of child roles in this section of the UserApp?

There is a possibility that a recipricol attribute pair is broken?

I.e. On a level 20 role, nrfParentRole may be set, but on the Level 10
role the nrfChildRole may not be set? (I THINK these are reciprical but
I could be wrong). If they are, you could consider using Alekzs Console2
that has a Recripical report which shows which are missing and an LDIF
to fix it. If it is not a reciprical pairning, not useful advice.

http://sneakycat.biz for Console2

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.