[OPENAM-15244] AM configuration does not perform schema extension for identity store although it has the permissions Created: 18/Jul/19 Updated: 27/Aug/19 Resolved: 27/Aug/19
|Affects Version/s:||6.5.0, 220.127.116.11, 6.5.1, 18.104.22.168, 6.5.2|
|Fix Version/s:||6.0.1, 5.5.2, 7.0.0, 6.5.3|
|Reporter:||Bernhard Thalmayr||Assignee:||Lawrence Yarham|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
Oracle JDK 1.8.0_201-b09
|Sprint:||AM Sustaining Sprint 65, AM Sustaining Sprint 66|
|Support Ticket IDs:|
|Needs QA verification:||
|Are the reproduction steps defined?:||
Yes and I used the same an in the description
User identity subjects can not be added via AM console.
1) Apply manual schema extensions needed for AM, or
2) Ensure that the userStoreType param is included when running the install-openam amster command (as this will then result in the schema loading being performed).
It's not noted in the release notes that the functionality was removed.
|Comment by Lawrence Yarham [ 12/Aug/19 ]|
The issue here is because the userStoreType parameter for the amster install-openam command (https://backstage.forgerock.com/docs/amster/6.5/user-guide/#sec-installam-reference). As a result the processing assumes that no schema configuration is required and the resulting user store setup (in 6.5.2 and later) is named embedded (although it uses the provided host and port information).
This does look to be a change at some point after 5.5.1 as the install-openam command does perform the schema loading in 5.5.1 when the userStoreType parameter is not present. It does not look to be specifically related to profiles within the DS.