Gets message "group member is already exists" in IBM Security Guardium when adding group members to exception group

Troubleshooting

Problem

While creating assessment test on guardium appliance you want to add group member like "GRANTEE=APP_DBA_ROLE:PRIVILEGE-ALTER ANY INDEX" to the exception group , it will get added but when you try to add a member in below cases it will not get added and shows message " group member is already exists" Cases : Grantee=APP_DBA_ROLE:privileges-ALTER ANY INDEX grantee=app_dba_role:privilege-alter any index

Cause

Group members are not case sensitive ,hence it treat all mix case members as same , for ex. ABC , Abc ,abc are treated as same member

Environment

10.1.3

Resolving The Problem

Group members can be made case sensitive by just specifying '(R)' at the start of group member name . Examples are below :

- If you have the group member like "GRANTEE=APP_DBA_ROLE:PRIVILEGE-ALTER ANY INDEX" exist already . You can add a new member like "(R)Grantee=APP_DBA_ROLE:privileges-ALTER ANY INDEX".
- If you have the group member like "GRANT DBA to ABC" exist already . You can add a new member like "(R)grant dba to abc".

Guardium will treat '(R)' at start as regular expression and it will allow members in this way .

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.1.3","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

Gets message "group member is already exists" in IBM Security Guardium when adding group members to exception group

Troubleshooting

Problem

Cause

Environment

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?