Error listing users with privacyidea-token-janitor


I’m getting the following error trying to export users list with a enrolled token in privacyIDEA (v.3.3.3 - Ubuntu 18.04):

administrator@piserver:~$ privacyidea-token-janitor find --action listuser
+ Reading tokens from database...
++ Creating token object list.
32 Tokens processed / 32 Tokens found
++ Token object list created.
+ Tokens read. Starting action.
Traceback (most recent call last):
  File "/usr/bin/privacyidea-token-janitor", line 530, in <module>
  File "/opt/privacyidea/lib/python3.6/site-packages/flask_script/", line 417, in run
    result = self.handle(argv[0], argv[1:])
  File "/opt/privacyidea/lib/python3.6/site-packages/flask_script/", line 386, in handle
    res = handle(*args, **config)
  File "/opt/privacyidea/lib/python3.6/site-packages/flask_script/", line 216, in __call__
    return*args, **kwargs)
  File "/usr/bin/privacyidea-token-janitor", line 457, in find
    tokens = export_token_data(tlist)
  File "/usr/bin/privacyidea-token-janitor", line 324, in export_token_data
    token_data.append(u"{0!s}".format("username", "")))
  File "/opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/", line 279, in info
    userInfo = y.getUserInfo(uid)
  File "/opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/resolvers/", line 258, in cache_wrapper
    f_result = func(self, *args, **kwds)
  File "/opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/resolvers/", line 507, in getUserInfo
    search_userId = to_unicode(self._trim_user_id(userId))
  File "/opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/resolvers/", line 431, in _trim_user_id
    userId = trim_objectGUID(userId)
  File "/opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/resolvers/", line 158, in trim_objectGUID
    userId = uuid.UUID(u"{{{0!s}}}".format(userId)).bytes_le
  File "/usr/lib/python3.6/", line 140, in __init__
    raise ValueError('badly formed hexadecimal UUID string')
ValueError: badly formed hexadecimal UUID string

Any hints would be great,
Kind regards,

It looks like you might have a user with a broken uuid.

What do you want to achieve?

1 Like

Hi Cornelius,

I just want to export a user list with enrolled tokens to a csv file. From the webui there is no any option to download this report.

BTW, if there is a user with a broken UUID, that user could have issues with authentication through privacyIDEA?
How could I identify the broken UUID?

Thanks for your response,


Hm, the script should catch the error of a faulty user. Maybe the catching is not wide enough.
Which version of privacyIDEA are you running? (OK, you said this)

If the uuid is problematic, then privacyIDEA will not “see” the user, and thus the user will also not be able to authenticate.
It looks like you only have 32 tokens, so you might be able to identify, if there is something/someone missing.

You could try to upgrade to version 3.4 - we changes in the User class. I am not sure, if this will be sufficient, so I opened an issue.

Looking forward to your feedback.