IBM Support

Issues with the optimized synchronization mechanism for users and group members in IBM Business Process Manager (BPM)

Flashes (Alerts)


Abstract

This document provides information about an issue with the optimized synchronization mechanism for users and group members

Content

The following product releases are affected:

  • IBM Business Process Manager V8.5.5.0
  • IBM Business Process Manager V8.0.1 Fix Pack 3
  • IBM Business Process Manager V8.0.1 Fix Pack 2 with interim fix JR48172
  • IBM Business Process Manager V8.0.1 Fix Pack 1 with interim fix JR48172

Performance optimized mechanisms have been added for synchronizing users between the WebSphere Application Server user registry and the IBM Business Process Manager database.

If IBM Business Process Manager uses federated repositories or Virtual Member Manager (VMM) as the user registry in conjunction with LDAP directories, the mechanisms can lead to erroneous user entries in the IBM Business Process Manager database.

The erroneous user entries can potentially manifest themselves in one of the following ways:
  • When the user logs in, the display name of the user is shown as NULL.
  • Users do not get the expected authorization privileges.

The issue is known to occur if the VMM configuration for an associated LDAP directory defines a loginProperties entry or an additional loginProperties entry that is different from the default ("uid"). To check the setting, go to the install_root/profiles/profile_name/config/cells/cell_name/wim/config/wimconfig.xml file on your server and locate the loginProperties entries. The install_root, profile_name, and cell_name variables are specific to your environment. In a cluster, the file is located in the Deployment Manager for every server of the cluster. The default case is that, for every associated LDAP directory, there is exactly one loginProperties entry that is set to "uid".

Interim fixes exist to avoid the erroneous user entries in the IBM Business Process Manager database. The fix is provided as APAR JR51009. The following table provides the links from which to download the interim fixes.

VersionInterim Fixes
8.5.5
8.0.1.3
8.0.1.2
8.0.1.1

Until the interim fix has been installed, do not trigger a user and group member synchronization in the following ways:
  • In the Process Admin Console under Server Admin > User Management > User Synchronization, do not trigger user synchronization by clicking Synchronize or Full Synchronize.

  • Do not execute the administration scripts for synchronizing users or group memberships. For example:
    • usersSync.bat or usersSync.sh
    • usersFullSync.bat or usersFullSync.sh
    • syncGroupMembershipForGroups.bat or syncGroupMembershipForGroups.sh
    • syncGroupMembershipForAllGroups.bat or syncGroupMembershipForAllGroups.sh

      The scripts are located in the install_root/profiles/profile_name/bin directory.

[{"Product":{"code":"SSFTDH","label":"IBM Business Process Manager Standard"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"User and Group Management","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.0.1.3;8.0.1.2;8.0.1.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSFTBX","label":"IBM Business Process Manager Express"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"User and Group Management","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.0.1.3;8.0.1.2;8.0.1.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"User and Group Management","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"","label":"Linux zSeries"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.0.1.3;8.0.1.2;8.0.1.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Product Synonym

BPM

Document Information

Modified date:
25 September 2022

UID

swg21683375