CA Identity Manager: The People OU is is not visible in the web UI

Document ID : KB000111177
Last Modified Date : 17/08/2018
Show Technical Document Details
Issue:
By default, the People OU of your corporate user store is set as the default container - this is a setting that was chosen as part of creating the corporate user store in the management console of IM. When the People OU is the default it is invisible in the web UI. If you go into the Organizations tab or try to select certain OUs in a password policy for example, it will not be there but all of your other OUs will show up. This is because Identity Manager creates a People OU under all of your OUs. 

So if you have a Corporate User Store that has a root, a people OU, groups and service accounts it will really look like this: 

Root
     People
     Groups
          People
     Service Accounts
          People

Instead of what you would expect to see if People was not default: 
Root
     People
     Groups
     Service Accounts 
Resolution:
Once an environment is set up in this manner it is not possible to turn it into an environment where People is no longer the default (and visible). Editing the XML and importing is not enough because the tables in the object store need to be updated and it requires manual DB editing which is not recommended, this will damage member policies and work items, workflow, etc. The same problem would occur if you nested the People OU into another OU such as Users - by changing all of the DNs it will cause many downstream issues that cannot be handled.