Express (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Select a registry or repository > Manage realms in a federated repository > Virtual member manager > Troubleshoot and Support > Support issues and limitations > Groups and membership issues and limitations
Unable to get current members of a group in database repository
Follow the steps listed here to troubleshoot if an EntityNotFoundException occurs when you are trying to get the current members of a group in a database repository with cross-repository configuration.
Problem
Virtual member manager does not return the current member results for a group in a database repository, if a user who was a member of this group was previously deleted from an LDAP repository. Instead an EntityNotFoundException is thrown.
This problem occurs because the group membership of non-existing members is not deleted from the database repository when its members in an LDAP repository are deleted.
Solution
Follow the procedure given next to define the repositoriesForMemberDeletion custom property in the database repository where the group exists and specify the LDAP repositories of the non-existent members whose group membership to be deleted.
Procedure
- Define a custom property, repositoriesForMemberDeletion, for the database repository in which the group exists. Use the setIdMgrCustomProperty wsadmin command to define the custom property and set its value, as shown in the following example.
$AdminTask setIdMgrCustomProperty { -id "DBRepoID" -name "repositoriesForMemberDeletion" -value "TDS;AD" }
- Parameters and their values
- -id
- Use this parameter to specify the database repository in which the group exists.
- -name
- This parameter specifies the name of the property used when deleting non-existing members from group membership. We must specify the name of the property as repositoriesForMemberDeletion. The name of the property is not case sensitive, but the value of this parameter should not be changed.
- -value
- Use this parameter to specify the IDs of one or more LDAP repositories that contain the group members whose membership to delete from the group in the database repository. Use semicolon (;) as a delimiter to specify multiple repository IDs. Use an asterisk (“*”) to delete all the group membership of all the non-existing members.
- Restart the server.
If you search for members of the group now, the remaining group members are displayed, and EntityNotFoundException does not occur.
Parent topic: Groups and membership issues and limitations