Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise
SUPPORT / SAMPLES & SAS NOTES
 

Support

Problem Note 61750: SAS® Environment Manager for SAS® Viya® returns "An error occurred loading the members list..."

DetailsHotfixAboutRate It

SAS Environment Manager for SAS Viya might return a message similar to the following when you view the properties of an LDAP group:

Members
An error occurred loading the members list.
exception:
org.springframework.ldap.InvalidNameException
Caused by: javax.naming.InvalidNameException:
Invalid Name: <userID>
correlator: 9faabfa-519f-4a32-a1c0-b7092b53fbc4
path: /identities/groups/<LDAP-group-name>/members

You might also encounter the following symptoms: 

  • the members property for a group shows ► Members(0)
  • the memberOf property for a user shows Member Of(0)

This error occurs when the LDAP attribute value that is named in the sas.identities.providers.ldap.group/member property is one of the following:

  • a relative distinguished name (RDN) 
  • a user ID

The Identities service requires that the LDAP attribute value be a fully qualified distinguished name (DN) value.

For example, the error would occur in the following scenario:

You set the sas.identities.providers.ldap.group/member property value to memberUid. With this setting, your LDAP group members are identified by the memberUid attribute:

dn: cn=LDAPNonAdminGroup,ou=groups,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: LDAPNonAdminGroup
gidNumber: 50000
memberUid: user1
memberUid: user2
memberUid: user3

To work around this issue, modify the LDAP data so that the member property value and the memberOf property value contain a fully qualified DN rather than an RDN. Most LDAP providers (Active Directory, OpenLDAP, and so on) provide schemas to use a fully qualified DN. 

Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.

Verify That the Update Is Installed

It is important that you now verify that the fix is installed. To do so, run the following rpm command:

rpm -q sas-identities

To complete this process, make sure that the package version that is shown in the rpm output either matches or is newer than the following:

sas-identities-2.13.21-20180308.1520533992174.x86_64

Additional Steps
 

After the update is installed, the identities service supports a non-distinguished name value for the member and memberOf properties. You must perform the following additional steps after installing the update:

  • Set the sas.identities.providers.ldap.group/member property value to the attribute that identifies the members of the group, such as memberUid.
  • Set the sas.identities.providers.ldap.group/memberOf property value to none.
  • Set the sas.identities.providers.ldap.user/memberOf property to a value of none.

Additional Assistance

If you need additional assistance, contact SAS Technical Support.



Operating System and Release Information

Product FamilyProductSystemProduct ReleaseSAS Release
ReportedFixed*ReportedFixed*
SAS SystemSAS ViyaLinux for x643.23.4Viya
* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.