Environment
NetIQ Cloud Access 2.1
Situation
Not able to see any groups after clicking on policy icon.
Confirmed that the identity source connector has the proper admin credentials, base that should return over a hundred groups, yet nothing shows up.
As a result can't perform any policy mappings between applicaiton and groups.
Confirmed that the identity source connector has the proper admin credentials, base that should return over a hundred groups, yet nothing shows up.
As a result can't perform any policy mappings between applicaiton and groups.
Resolution
In the customer's case there was a group with a description attribute that contained a "|" in the value. With just the one value on one group, none of the gorups would show up.
Removed the "|" from the value and all groups showed up fine
Filed a bug with engineering to account for this case.
Removed the "|" from the value and all groups showed up fine
Filed a bug with engineering to account for this case.
Cause
As mentioned above the default configuration of Cloud Access does not properly escape/account for the special | character.
Additional Information
I was able to duplicate this in my setup as well. I added a group that contained a description attribute with a "|" in it's value.
dn: cn=nam2_group,o=novell objectClass: groupOfNames objectClass: Top description: test | this cn: nam2_group
No groups would show up when clicking on policy tab.
After removing the "|" from the description all of the groups showed up properly.