If an user/group is deleted from TIP - LDAP/Objectserver or any external repository without removing the roles assigned to it, the role mappings of that user will still exist in Argus policy files.
In general, deleting user/group directly from an external repository without removing roles assigned to it, doesn't delete the role mappings in TIP as WAS would not know that the user is deleted from an external repository and so the role mapping informations will be still there in the Argus policy files. Due to this WAS limitation, role mappings always need to be removed first before deleting an user/group from any external repository.
Recreate the user with same userid and delete all roles and groups for that user and check that the user is no longer present in the xml files under this location
TIPHOME\profiles\TIPProfile\config\cells\TIPCell\commonauthz\policy\href_c_TIPCell\isc\isclite.war\ and then delete that user.
Solution 2 :
1. Search for that specified user in the location TIPProfile\profiles\TIPProfile\config\cells\TIPCell\commonauthz\policy\href_c_TIPCell\isc\isclite.war
2. Edit the xml files where you find that user and delete that user entry
3. Restart the TIP server.
For more information refer to the Technote at http://www-01.ibm.com/support/docview.wss?uid=swg21576167
How to resolve User/Group deletion issues in TIP
Yazhini K Murugesan 270003TACD 2,691 Views