Custom attributes defined for User and Account Mapping are missing in Public Views and potential failure in applying patch in RSA Governance & Lifecycle
7 months ago
Article Number
000073567
Applies To
  • RSA Governance & Lifecycle 8.0.0 P07
Issue

Custom attributes for User and Account Mapping defined through UI > Admin > Attributes > User or Account Mapping, in RSA Governance & Lifecycle version 8.0.0 P06 or earlier, are removed from the corresponding Public Views, such as PV_USERS and PV_USER_ACCOUNT_MAPPING, AFTER applying patch 8.0.0 P07.  Any other views, objects, and/or components that depend on the affected Public Views may not function as expected, such as the following:

  • Advanced Dashboards
  • Dashboards
  • Pre/Post Processors for Collectors
  • Reports
  • Workflows

Additionally, applying the patch 8.0.0 P07 may fail with Errors Found while patching the schema seen on the UI accessed immediately after applying the patch IF the database schema (e.g., AVCSUSER) has been customized with definitions of custom views relying on any of the custom attributes in the affected Public Views:

In the above scenario of failed patch P07, errors like the following are seen in migrate.log:

2 Errors detected: 
64/20    PL/SQL: ORA-00904: "<Custom-Attribute-Name>": invalid identifier
0/0      ORA-00904: "T8"."<Custom-Attribute-Name>": invalid identifier
Resolution

This issue is fixed in the following version/patch:

  • RSA Governance & Lifecycle 8.0.0 P07 HF01

Review the following scenarios and take appropriate action accordingly:

  • If the patch P07 has not yet been applied on RSA Governance & Lifecycle 8.0.0, do NOT apply P07. Instead, apply P07 HF01 on RSA Governance & Lifecycle 8.0.0 P06 or earlier.
  • If the patch P07 has already been applied on RSA Governance & Lifecycle 8.0.0 AND there were no errors during the patch process, your deployment may still be affected by this issue.  Please apply P07 HF01 as soon as possible, or contact RSA Technical Support to obtain the file package.sql and follow the workaround described below.
  • If the patch P07 is being applied on RSA Governance & Lifecycle 8.0.0 AND the database schema error (described above) is being experienced, contact RSA Technical Support to obtain the file package.sql and follow the workaround described below.

 

NOTE:  The message Errors Found while patching the schema seen on the UI can be caused by other issues as well, for example, when the database schema for a remote DB has not been updated to grant appropriate permissions on DBMS_CRYPTO and DBMS_LOCK prior to applying 8.0.0 P07 as mentioned in the Patch Installation Guide.

Workaround

If the patch P07 has already been applied on RSA Governance & Lifecycle 8.0.0, follow the steps listed below to fix this issue:

  1. Copy the package.sql file to the database host, e.g., under /tmp folder.
  2. Log in as the oracle user on the database host.
  3. Run sqlplus using AVUSER credentials and run the SQL script package.sql as well as additional commands as shown below followed by a commit. Please replace AVUSER in the command shown below with a valid schema name, if it's different in your environment. 
    SQL> @/tmp/package.sql
SQL> exec public_schema.init('AVUSER');
SQL> select object_name from user_objects where status='INVALID';
SQL> exec DBMS_UTILITY.compile_schema(schema => 'AVUSER', compile_all => false);
SQL> select object_name from user_objects where status='INVALID';
SQL> commit;
SQL> exit
  4. Restart ACM
Notes
  • RSA Governance & Lifecycle 8.0.0 P07 HF01 is available for download from RSA Community > myRSA portal.
  • RSA Governance & Lifecycle 8.0.0 P07 has been removed from RSA Community > myRSA portal.

If you have not yet applied P07 on RSA Governance & Lifecycle 8.0.0, you can take the steps below to confirm whether you could be impacted by this issue if upgraded to P07:

  1. Log in as the oracle user on the database host.
  2. Run sqlplus using AVUSER credentials and run the following SQL commands: 
    SQL> set markup csv on
SQL> select table_name,name,display_name,SHOW_IN_TABLE from t_extensible_schema_columns where table_name in ('T_MASTER_ENTERPRISE_USERS','T_AV_USER_ACCOUNT_MAPPINGS') and name like 'CUS_ATTR_USER_%';
  3. If the above command does NOT show any rows/results, your deployment does not have any custom attributes defined for User and Account Mapping objects and hence NOT affected by this issue if upgraded to P07.
  4. If the above command produces any rows/results, your deployment contains custom attributes for User and/or Account Mapping objects and hence will be affected if upgraded to P07.  For example, an output like the following indicates the presence of custom attributes defined for USER and/or ACCOUNT MAPPING: 
    "TABLE_NAME","NAME","DISPLAY_NAME","SHOW_IN_TABLE"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_1","Job Code","y"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_2","Location","y"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_3","Join Date","y"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_4","Admin","y"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_5","Business Unit Admin","y"
"T_MASTER_ENTERPRISE_USERS","CUS_ATTR_USER_CAS_6","Technical Advisor","y"

 

 

Related Articles

Trending Articles

Don't see what you're looking for?