I’m getting an error about a lock when I try to update an identity. The lock gives an id, but it states that it’s an identity, and that identity doesn’t exist. I’ve tried just looking through several class types via an export from IIQ Console, but couldn’t find it, though the id does have the same first 6 letters as several other workflow steps. Is there a way to find this object without knowing the class?
Please share any other relevant files that may be required (for example, logs).
[Please insert files here, otherwise delete this section]
Share all details about your problem, including any error messages you may have received.
[Replace this text with the problem that you are facing]
Please check following tables id/name values, you may get a clue which object it refers to.
spt_identity
spt_link
alternatively
from Debug Pages
in 1st dropdown select Identity , in 2nd search box enter the id value from stack trace
(OR)
directly enter the value in 2nd search box without selecting anything from 1st drop down.
“Timeout waiting for lock on object: sailpoint.object.Identity:28ec05325ecd55ab015f010898ba6e35 from CIBC_LCMCreateAndUpdateCustom_Workflow/CIBC_LCM_SetCorrelatedTru…”
The problem is that the rule above call ObjectUtil on an identity that does not exist.
Unfortunately, I do not have access to the backend database. I tried using the object page, but there is no identity with the id in question, or any rule, taskdefinition, or workflow. I don’t know where this id is coming from.
If you can install plugins, you can see if you could install my Query Plugin to access the backend DB. It’s open-source, and I’d be happy to answer any questions your security folks may have about it.
about this you can create a rule and launch queries with it, I now its not the best way but it something. Or you can try to a DB manager and setting the connection with a ssh tunnel throw the ui\task server.
About the error, the id its not tu uid of identity. Check the identity that you are updating and if have some element locked, workitem, workflowcase etc…
I’ve managed to repair the rule that was causing the lock. It looked like this
ObjectUtil.lockObject
if (flow = “create”) {
//do stuff
ObjectUtil.unlockObject
}
So the issue is moot.
For those who didn’t understand the original question, the problem was that an unidentified object was being locked when any identity was edited. The system stated it was an identity, but it wasn’t in the object browser, and the id was more consistent with the workflows on the system.