Julien_Nitot

Tech Tip - CA Single Sign-On : Error removing Fed Partnership using the AdminUI

Discussion created by Julien_Nitot Employee on Jul 30, 2015
Latest reply on Oct 23, 2017 by Hubert Dennis

CA Single Sign-On Tech Tip by Julien Nitot, Sr Support Engineer for July 30th, 2015

 

Problem

 

When trying to remove a partnership using the AdminUI (12.52SP1CR1) you may have an error :

Error deleting partnership XXXXX

Checking the adminui server.log there are more details on the errors:


ERROR [com.ca.federation.adminui.backingbean.federation.PartnershipListBean] (http-***.YY.ZZ.QQ-8443-5)
**ERROR** com.ca.fedxps.api.remote.FedXPSException during UI operation.
com.ca.fedxps.api.remote.FedXPSException: com.ca.federation.client.XPSException: Cannot delete a related record.
(CA.FED::AuthnContextMapping@41d45474-a920-49b5-b0d6-2fd674dd9af1:
CA.FED::PartnershipBase@f7fa6c3c-e5ee-421b-a350-3b1bc573a3af(YYYYYYY).CA.FED::PartnershipBase.AuthnContextURIsLink)
....

>> Problem is that there is some AuthContextMapping defined for other partnership and could not be removed because they are also used.


Solution

 

You need to use XPSExplorer tool to delete the partnership

 

XPSExplorer

 

1)Go to partnership
2)Navigate to dproblematic partnership that you want to delete
3)Type W to get a writable copy
4)Look for attribute number of AuthnContextURIsLink(it should be 10)
5)Enter B to blank out the attribute
6)Type V to validate the record.
7)Type U o update it.
8)Type Q to come out of it.
9)Finally, delete the partnership itself in XPSexplorer


>> Restart the policy server / Restart the AdminUI

Outcomes