Novell Home

My Favorites

Close

Please to see your favorites.

'element attribute missing' error after upgrading to SP1 IR2 or later

This document (7005475) is provided subject to the disclaimer at the end of this document.

Environment

Novell Access Manager 3.1 Linux Novell Identity Server
Novell Access Manager 3.1 Linux Access Gateway

Situation

After upgrading Access Manager to SP1 IR2 or later, error message 'element attribute missing' is diplayed when trying to login to a protected resource.
 
Changes were made in SP1 IR2 that allowed for the IDP to send attributes to the ESP that had no value.  This was done to increase performance and decrease the amount of back traffic between devices. 
 
Prior to SP1 IR2, the ESP (lag) did not know how to handle blank attributes when they were sent as part of the assertion.
 
There are two conditions that have to be met in order for this error to occur:
  1. Attributes have been configured to be sent during authentication and one of the attributes sent has not value. 
  2. The Identity Server has been upgraded to SP1 IR2 or later and the ESP (Lag) remains at any code prior to SP1 IR2. 

Resolution

There are two ways to resolve this error:
  1. Ensure that all devices are running NAM SP1 IR2 or later
  2. Do not send configured attributes at login. 

Instructions on removing attributes that are being sent at login:

    1. Edit the IDP Cluster
    2. Select the 'Liberty' tab
    3. Select the LAG under 'Service Providers'
    4. Select 'Attributes' from the menu
    5. Select '<Not Specified'> in the Attribute Set drop down
    6. Select OK and update the IDP Cluster

Additional Information

none

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7005475
  • Creation Date:11-MAR-10
  • Modified Date:26-APR-12
    • NetIQAccess Manager (NAM)

Did this document solve your problem? Provide Feedback