Monday, October 12, 2015

Cleaning TEMP GROUPS and LSW_USR_GRP_MEM_XREF

There is a procedure available which cleans the TEMP Groups which deletes all temporary groups that are no longer referenced by a task.

LSW_ERASE_TEMP_GROUPS

I believe, we can use this procedure to clean all the unwanted groups and group member references from DB.
Please Note that, this procedure is already included in ‘LSW_BPD_INSTANCE_DELETE’ and ‘LSW_ERASE_TASK’, so if we are deleting instances or task using  stored procedure it automatically calls this proc.

Content of Procedure is as below(just if anyone is curious) – 

CREATE PROCEDURE LSW_ERASE_TEMP_GROUPS
(
)
LANGUAGE SQL

  -- This procedure deletes all temporary groups that are no longer referenced by a task. --

  BEGIN
 
    DECLARE groupId DECIMAL
(
   12,0
)
;
DECLARE sqlCmd VARCHAR(500)
;
DECLARE at_end DECIMAL(1,0)
;
DECLARE not_found CONDITION for SQLSTATE '02000'
;
DECLARE CONTINUE HANDLER for not_found SET at_end = 1
;
BEGIN
        DECLARE groupsToDelete CURSOR FOR stmt1
;
SET sqlCmd = 'SELECT DISTINCT g.GROUP_ID FROM LSW_USR_GRP_XREF g WHERE NOT EXISTS (SELECT 1 FROM LSW_TASK t WHERE g.GROUP_ID = ABS(t.GROUP_ID)) AND g.GROUP_TYPE = 2'
;
PREPARE stmt1
FROM sqlCmd
;
OPEN groupsToDelete
;
DELETE_GROUP_LOOP:
        LOOP
            SET at_end = 0
;
FETCH groupsToDelete INTO groupId
;
IF (at_end = 1) THEN
                LEAVE DELETE_GROUP_LOOP
;
END IF
;
DELETE
FROM LSW_USR_GRP_MEM_XREF
WHERE GROUP_ID = groupId
;
DELETE
FROM LSW_USR_GRP_XREF
WHERE GROUP_ID = groupId
;
END LOOP
;
CLOSE groupsToDelete
;
END
;
END
;



Posted by at No comments:
Labels: , , , , ,

IBM BPM Process Center Admin Tab is not visible to tw_admins and getting Authorization error while import


When you log into the process center, if you are in the tw_admins group, and no one as messed with any settings, you are a repository admin. This means that you get a 4th tab at the top of the page called "Admin" where you can control who can login to the Process Center, and if that person also sees this admin tab (as well as other features). By default tw_admins are in this list and have "Admin" checked as a property. Now if someone went and unchecked this for tw_admins, and didn't add anyone else back in.

 You can see below issues - Problem Statement

  1. Admin tab is not visible in ProcessCenter Console even for tw_admins
  2. Sometimes get Authorization error while importing applications.
    • Exception:com.lombardisoftware.client.security.AuthorizationDeniedException SourceId:com.ibm.ws.uow.UOWManagerImpl.runUnderNewUOW
  3. The button to add a new offline process server is missing

Cause
If any user account in the "tw_admins" group removes the administrative privilege, the group loses its administrative privilege as well. Thus, every user that belongs to the "tw_admins" group cannot see the "Add a New Offline Server" button under the Servers tab nor access the Admin tab.

Diagnosing the problem

To determine whether administrative privileges are set, complete the following steps:
  1. Open the LSW_ACL_ENTRY table for the ACL of the "tw_admins" group.
  2. Check the row whose "GROUP_ID" is 3, and "ACL_ENTRY_ID" is 1. If the value of "MASK" column is 127, the group "tw_admins" has administrative privilege. Otherwise, the "tw_admins" group does not have any administrative privileges.

Resolving the problem

To resolve this issue, complete the following steps:
  1. Stop the Process Center server.
  2. Review the LSW_ACL_ENTRY table in Business Process Manager database and ensure that the value of the "MASK" column with "GROUP_ID" = 3 and the "ACL_ENTRY_ID" = 1 is 127.
  3. Restart the Process Center server.
  4. Log onto the Process Center console with any user account in the "tw_admins" group.

Posted by at No comments:
Labels: , , , , , , , , ,
Subscribe to: Posts (Atom)