I am using a JDBC user store for my primary user store(MySQL) and, when I tried to migrate from WSO2 IS 5.10.0 to 6.0.0 using the migration client, I can see the following error in the wso2carbon.log file.
[2023-05-27 12:58:27,773] [] ERROR {org.wso2.carbon.is.migration.MigrationClientImpl} - Migration process was stopped. org.wso2.carbon.identity.core.migrate.MigrationClientException: WSO2 Product Migration Service Task : Error while migrating external role permissions.
at org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator.migrate(GroupsAndRolesMigrator.java:146)
at org.wso2.carbon.is.migration.VersionMigration.migrate(VersionMigration.java:52)
at org.wso2.carbon.is.migration.MigrationClientImpl.execute(MigrationClientImpl.java:85)
at org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:151)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:113)
at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:985)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:151)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:866)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:804)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:228)
at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:525)
at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:544)
at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:529)
at org.wso2.carbon.core.init.CarbonServerManager.removePendingItem(CarbonServerManager.java:305)
at org.wso2.carbon.core.init.PreAxis2ConfigItemListener.bundleChanged(PreAxis2ConfigItemListener.java:118)
at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:973)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)
Caused by: org.wso2.carbon.user.core.UserStoreException: 30012 - RoleExistingRole name: admin exists in the system. Please pick another role name.
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.handleRoleAlreadyExistException(AbstractUserStoreManager.java:7956)
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.doAddInternalRole(AbstractUserStoreManager.java:7923)
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addRole(AbstractUserStoreManager.java:6954)
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addRole(AbstractUserStoreManager.java:9489)
at org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator.migrateSuperTenantData(GroupsAndRolesMigrator.java:168)
at org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator.migrate(GroupsAndRolesMigrator.java:136)
... 30 more
How can I resolve this and proceed with the migration?
First, take a DB dump of the 5.10.0 database.
Then connect to that DB dump(database) and change the admin role to admin-test. You can use the below query to update the admin role.
SELECT * FROM UM_HYBRID_ROLE WHERE UM_ROLE_NAME='admin'
If a record is observed from the above select query update the record using the following update SQL query.
UPDATE UM_HYBRID_ROLE SET UM_ROLE_NAME = 'admin-test' where UM_ROLE_NAME = 'admin'
After that, make sure that you have added the following configuration to the deployment.toml file.
[super_admin]
username = "<username>"
password = "<password>"
create_admin_account = false
admin_role = "Domain Users"
[authorization_manager.properties]
GroupAndRoleSeparationEnabled = false
Finally, do the data migration again and you will notice that the above error is gone.