Problem Note 61750: SAS® Environment Manager for SAS® Viya® returns "An error occurred loading the members list..."
 |  |  |  |  |
SAS Environment Manager for SAS Viya might return a message similar to the following when you view the properties of an LDAP group:
org.springframework.ldap.InvalidNameException
Caused by: javax.naming.InvalidNameException:
Invalid Name: <userID>
correlator: 9faabfa-519f-4a32-a1c0-b7092b53fbc4
path: /identities/groups/<LDAP-group-name>/members
You might also encounter the following symptoms:
- the members property for a group shows ► Members(0)
- the memberOf property for a user shows ► Member Of(0)
This error occurs when the LDAP attribute value that is named in the sas.identities.providers.ldap.group/member property is one of the following:
- a relative distinguished name (RDN)
- a user ID
The Identities service requires that the LDAP attribute value be a fully qualified distinguished name (DN) value.
For example, the error would occur in the following scenario:
You set the sas.identities.providers.ldap.group/member property value to memberUid. With this setting, your LDAP group members are identified by the memberUid attribute:
objectClass: posixGroup
objectClass: top
cn: LDAPNonAdminGroup
gidNumber: 50000
memberUid: user1
memberUid: user2
memberUid: user3
To work around this issue, modify the LDAP data so that the member property value and the memberOf property value contain a fully qualified DN rather than an RDN. Most LDAP providers (Active Directory, OpenLDAP, and so on) provide schemas to use a fully qualified DN.
Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.
Verify That the Update Is Installed
It is important that you now verify that the fix is installed. To do so, run the following rpm command:
To complete this process, make sure that the package version that is shown in the rpm output either matches or is newer than the following:
Additional Steps
After the update is installed, the identities service supports a non-distinguished name value for the member and memberOf properties. You must perform the following additional steps after installing the update:
- Set the sas.identities.providers.ldap.group/member property value to the attribute that identifies the members of the group, such as memberUid.
- Set the sas.identities.providers.ldap.group/memberOf property value to none.
- Set the sas.identities.providers.ldap.user/memberOf property to a value of none.
Additional Assistance
If you need additional assistance, contact SAS Technical Support.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Viya | Linux for x64 | 3.2 | 3.4 | Viya | |
An update for this issue is available for SAS Viya 3.3. For instructions on how to access and apply software updates, see the Managing Your Software section of the SAS Viya 3.3 Administration document at
http://documentation.sas.com/?softwareId=administration&softwareVersion=3.3&softwareContextId=softwareUpdates| Type: | Problem Note |
| Priority: | medium |
| Date Modified: | 2021-07-13 10:52:12 |
| Date Created: | 2018-01-25 09:42:44 |