Seeing "EEM User Not Found" Errors while refreshing ACA cache hourly,

Document ID : KB000009144
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

 Each hour, the ACA (APM Centralized Authentication and Authorization) updates and clears user/group cache. Typically, you would see messages in the IntroscopeEnterpriseManager.log such as 

9/22/17 04:52:04.728 PM CDT [INFO] [pool-31-thread-4] [Manager.AppMap] About to update ACA cache for 221 users

This is expected. 

But now seeing in the IntroscopeEnterpriseManager.log: 

10/11/17 10:51:11.190 AM CEST [INFO] [pool-19-thread-1] [Manager.AppMap] About to update ACA cache for 78 users 

10/11/17 10:51:11.272 AM CEST [INFO] [pool-19-thread-1] [Manager.UserManagementService] User 'John Smith' does not exist in realm EEM anymore. 

10/11/17 10:51:11.380 AM CEST [INFO] [pool-19-thread-1] [Manager.UserManagementService] User 'Jane Smith' does not exist in realm EEM anymore. 

...

Non-cached Users are no longer able to log into APM using their EEM or LDAP account. Cached users can continue to log in successfully.

APM 10.5.1 HF39 was recently installed.

Environment:
APM 10.5.1HF#21 to #39, or 10.5.2SP1(HF#5) to #13 EEM version is 8.4.415
Cause:

 A bug was introduced in APM10.5.1HF#21 to #39, or  APM 10.5.2SP1(HF#5) to #13

Resolution:

The bug is fixed in 10.5.1HF#42 & 10.5.2HF#15 & 10.7. 

Note: The user is already deleted from LDAP/EEM but still exists in the ACA cache. In this case, the log message is harmless. This message will be removed for this situation in a future release.