One of the major differences between SiteMinder Web Access Manager (WAM) R12 SP2 and pre-Sp2 is in the changes made in setting up the Administration UI. The SP2 installer comes with an option to choose between a pre-configured Jboss Application Server (JBoss [Trinity] 4.2.3.GA - to serve up the Administration UI components) and your other application servers (JBOSS, WebLogic or WebSphere). In addition to that, it appears that the complex method of configuring the initial administrative user has been removed. Prior installations required you to set up a user store and configure it with the right structure in order to set up the administrator login. These improvements have made it easy to set up SiteMinder R12 SP2 relatively quickly (under 30 minutes) and significantly less complex, which to me is key for those trying to get up to speed with R12.
For those of you who are not aware, R12 allows you to install SiteMinder Administration UI ‘clients’ that can exist on remote servers separate from the Policy Server instance. We’ll be installing everything on the same machine for this tutorial.
Just keep in mind that that you might need to run a client command utility called XPSRegClient to create a trusted relationship between the Administration UI client and the Policy Server when launched for the first time. The most common error that you’ll get is the “no registration on file” message when attempting to log into the Administration UI. See the ‘tips’ section for when you need to run this utility.
The goal of this mini-tutorial is to guide you through how to set up SiteMinder in a Windows environment using ADAM as a policy store (you should be able to use any other supported policy stores) and using built-in application server that ships with the installer – all on the same machine. This is especially useful for those that do not have time to comb through the installer guide.
NOTE: This tutorial should be applicable to the other installers available for Solaris, Linux, HP-UX and AIX.
1. Make sure you have JRE/JDK 1.5 (I’d recommend the most recent JRE/JDK 1.5 version to stay on the safe side) installed on the system that you are about to install SiteMinder on. This is a requirement for the SiteMinder Policy Server.
2. Go to http://support.ca.com and download the following installers:
a. CA SiteMinder Policy Server r12.0 SP2 for Windows-32-(ESD only)
b. Administrative UI Prerequisite Installer for Windows-32-(ESD only)
c. CA SiteMinder Administrative UI r12.0 SP2 for Windows-32-(ESD Only)
3. Configure a new ADAM instance (follow steps 1 through 4 in the Configuring ADAM as a SiteMinder Policy Store guide)
4. Unzip the CA SiteMinder Policy Server r12.0 SP2 for Windows-32 installer and run it.
5. Install SiteMinder R12 SP2. The installation should be straightforward.
a. Just make sure you choose the option to initialize the instance.
b. In the “Create SM Key Database”, it wouldn’t hurt to choose to import the default CA certificates (Certificate Authority).
6. Unzip the Administrative UI Prerequisite Installer for Windows-32 and CA SiteMinder Administrative UI r12.0 SP2 for Windows-32 installer into the same directory.
NOTE: This is important because the Administrative UI prerequisite installer requires the layout.properties file from the Administrative UI installer and if it does not find it, it will abort the installation by indicating that it was unable to find the layout.properties file.
7. Run the adminui-pre-req-12.0-sp2-win32.exe installer.
8. The only options you’ll have to specify is the location of the installation and the server and port number for the Administrative UI to exist on.
9. Once you’ve completed, the prerequisite installer will kick off the ca-adminui-12.0sp2-win32.exe installer automatically. If not, run it.
10. There is no additional configuration parameters to be entered during this install and might take a while to install as it compiles and configures the UI components on the application server.
11. Once completed, the installer will attempt to launch a browser and display the SiteMinder Administrative login:
Note: Under the covers, this step starts the application server and registers the SiteMinder Administration UI with the Policy Server.
12. Use SiteMinder as the username and enter the super-user password that you specified during the SiteMinder Policy server installation. Leave the ‘server’ blank as it will default to using the local server and port (unless you have specified otherwise)
13. And you’re done! You should be able to proceed with importing your SiteMinder 6.x policies and viewing them in the new Administration UI.
Tips:
If the time difference between the time you installed the Policy Server and the time you installed the Administration UI is greater than 24 hours, you might need to run the following command if you see this error when trying to login to the Administration UI for the first time:
c:CASiteminderbin>XPSRegClient siteminder -adminui-setup -t 1440 -r 5 -cp -l c:/logs/ -e c:/logs/error.log –vT
• (run XPSRegClient.exe without any parameters to get the catalog of option).
• The parameter ‘siteminder’ refers directly to the super-user
• You’ll be prompted to enter a passphrase, use the super-user password
This step is necessary to create a trusted relationship between the client and the policy server.
Hi Eric,
This is a nice summary, thank you! Your readers should be advised that there is currently an issue with the adminui-pre-req-12.0-sp2-win32.exe installer when installing the Admin UI server to a windows drive other than the C: drive. The Windows service won’t be installed automatically. You can fix this by running binservice.bat manually or install to the C: drive. We plan to fix this in the next cumulative maintenance planned for mid-April.
There are a couple of other enhancements in the r12 SP2 Admin UI that I’d like to point out. First, you can now authenticate to the Admin UI without configuring external authentication at all (i.e., using the “SiteMinder” account). This was not previously possible. Second, configuring external administration is now much easier via a new wizard inside the Admin UI > Administration > Admin UI > Configure Administrative Authentication.
Enjoy!
Jim,
Thanks for the feedback and additional information. We really appreciate it.
Todd
Hi,
This was really helpful…
One of the pre-requisite that is not mentioned anywhere in the r12 document is, the requirement of .net framework 3.5. I had a hard time to troubleshoot this issue. Finally figured it out that siteminder r12 requires .net framework to execute smobjimport.
Following is the error message it was throwing without .net framework 3.5. I think CA should document this.
Application popup: smobjimport.exe – Application Error : The application failed to initialize properly (0xc0150002). Click on OK to terminate the application.
Generate Activation Context failed for C:CAsiteminderbinvctoolkit.dll. Reference error message: The referenced assembly is not installed on your system.
Thanks for the additional information. This is very useful to know.
Todd
JBOSS is highly unstable as an application server, the WAM UI is much more stable if you front end it with Weblogic instead. You can also proxy Weblogic or JBOSS behind IIS and SSL if you wanted an added layer as in our environment we don’t allow hitting app instances directly for general administration.
Not listed in CA R12 docs is to install JBOSS as a service, you can find this service.bat file in your bin directory and just do service install which will install the JBOSS server as a windows service as well so you don’t have to run the shutdown and run.bat files to start and stop the JBOSS instance.
Also note, if you are going to use your R12 SP2 WAM UI to talk to multiple policy servers, make sure you setup your WAM UI to the first policy server with the xpsregclient :password -adminui-setup and then configure your WAM UI for external administrative store. Then you can register additional policy servers and you set them in registration mode by doing xpsregclient :password -adminui (without the -setup). You must use a unique username each time, you can’t use the same generic SM Admin you used on 1st policy server.
Other notes about the WAM UI, don’t ever use * in search queries when setting up the External Admin User store, this will cause an exception and force you to re-enter the WAM UI from scratch and you will lose all tabs and screens you had previously filled out.
Hello, this is great information. Can someone help me understand the new Admin UI for SiteMinder r12? Specifically, I see that the Admin UI resides on a separate server from the policy server. Can this one Admin UI connect to all Policy Servers in the environment? Can it extend across lower enviornments as well (Dev, Test, Stage, etc.) or would we need one per enviornment?
Thanks.
Hi Eric,
Correct. The general idea with R12 is that you can use one admin UI to connect to the different policy server environments that you have. I believe that you should be able to talk to the different environments through a single UI. I have not set that up, though.
Todd
Thanks Todd!
I could install everything just following your instructions.
But not able to create trusted connection between Admin UI and Policy server.I ran XPSRegClient as well..but the error log says..
Error occurred during “SearchExt” for “(xpsNumber=*)”, text: Unavailable critical extension.
rror occurred during “Modify” for “xpsParameter=CA.XPS::$Value_PolicyStoreID,ou=XPS…No such attribute.
Read SiteMinder Trusted Hosts FAILED.
What could be the problem
We’ll have to play around a bit to see if we can reproduce this. There is a very specific order to the steps. What LDAP are you using?
Hi, great post.
Just a note on the .net framework requirement. A version of the framework distributable that works is bundled in the /bin directory of the install, vcredist_x86.exe.
Interesting post well I did exactly except the Admin UI was installed successfully on another machine. A Windows 2003 R2 and each time I hit the login button a java exception is thrown, baffles me. Can anyone know of a solution?
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Filter execution threw an exception
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:177)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
root cause
java.lang.UnsatisfiedLinkError: netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Lnetegrity/siteminder/javaagent/InitDef;)I
netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Native Method)
netegrity.siteminder.javaagent.AgentAPI.init(AgentAPI.java:509)
com.ca.siteminder.webadmin.configuration.AgentAPIUtilities.init(AgentAPIUtilities.java:198)
com.ca.siteminder.webadmin.configuration.Bootstrap.establishTrust(Bootstrap.java:610)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.doIt(InitialLoginBean.java:240)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.login(InitialLoginBean.java:193)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.doPost(InitialLoginServlet.java:72)
javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.service(InitialLoginServlet.java:88)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
com.netegrity.webapp.filter.ConsolePageFilter.doFilter(ConsolePageFilter.java:225)
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:177)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
note The full stack trace of the root cause is available in the JBossWeb/2.0.1.GA logs.
while installing the policy store I am receiving the error.
“XPSDDInstall command Failed” with errors in XPSDDInstall.log
Error occurred during “SearchExt” for “(xpsNumber=*)”, text: Unavailable critical extension
Error occurred during “Modify” for “xpsParameter=CA.XPS::$Value_PolicyStoreID,ou=XPS,ou=policysvr4,ou=siteminder,ou=netegrity,OU=XXX,DC=XXX,DC=COM
Error occurred during “Add” for “xpsNumber=0000000001,ou=XPS,ou=policysvr4,ou=siteminder,ou=netegrity,OU=XXX,DC=XXX,DC=COM
Any body faced a similar issue. Please let me know if you are able to resolve it.
AD is our policy store
Thanks
Ram
Ram,
I’ve not seen this issue before but it might be an issue with Active Directory?
http://support.microsoft.com/kb/886683
Hi Eric,
Thanks for the reply. Looks like this issue is only with AD only.
I installed the Win2003 SP2 and with latest updates. I followed the steps
provied at the above artile to disable the VLVSupport. Still my policy store setup is throwing errors while running XPSDDInstall command.
Not sure why.
I installed SunOne Dir. Server and setup as Policy Store. I didn’t have any issues. My installation completed without any errors.
Thanks
Ram
hi
i have successfully installed admin ui (sp2) as mentioned in the article on top of jboss application.
first of all it dint ask to choose to install admin ui using option 1-install on stanadlone server or 2- install on existing app server installation
everything is perfect but when siteminder user is logged into policy server user cannot configure anything only all the links are shown like user directories,auth schme but no option to create anything?
Nishit
Can anyone explain why the PS is trying to write this attribute once a week.
See error from slapd log (IBM Tivoli Directory Server)
08/22/10 01:32:38 GLPRDB052E Entry xpsParameter=CA.XPS::$AutoSwept,ou=XPS,ou=policysvr4,ou=siteminder,ou=netegrity,ou=sso already exists
Hi guys
I have a stupid question:where i can download
“adminui-pre-req-12.0-sp2-win32.exe” and “ca-adminui-12.0sp2-win32.exe” ?
I‘m not find them at“http://support.ca.com ” or “ftp://ftp.ca.com/”。
Thanks alot!
All the latest SP2 kits can be downloaded from here:
https://support.ca.com/irj/portal/solncdndtls?aparNo=RS19535&os=ANY&fc=22&actionID=3
However, since SP3 is now available through the download center, you may want to use that version instead.
Todd
Todd,thank you very much 。I think my account have too much limited。
I can‘t download any software from CA download center。I just want some trial software …
Unable to download any of the trial versions of CA.Can you please help me in getting the trial versions of the softwares
Unfortunately, no. We don’t have the capability or rights to make CA’s software available. We can get you in touch with CA’s Sales group if you want to sign up for a demo, though. Let me know if that is of interest.
HI,
I am trying to install SiteMinder Policy Server, i have installed all the prerequisites(Windows Server 2003 and JDK 1.6), the problem i am encountering is “I Agree” button is disabled please help me out.
help can be apreciated
Ram,
The same error i encountered , but i am using 2008 server.
The issue is, while you manually add entry to ActiveDirectory.ldif file, make sure you add only the dc values and not the OU values for
Hi..This article is very Good.
May 20, 2010 at 2:34 am
Interesting post well I did exactly except the Admin UI was installed successfully on another machine. A Windows 2003 R2 and each time I hit the login button a java exception is thrown, baffles me. Can anyone know of a solution?
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Filter execution threw an exception
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:177)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
root cause
java.lang.UnsatisfiedLinkError: netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Lnetegrity/siteminder/javaagent/InitDef;)I
netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Native Method)
netegrity.siteminder.javaagent.AgentAPI.init(AgentAPI.java:509)
com.ca.siteminder.webadmin.configuration.AgentAPIUtilities.init(AgentAPIUtilities.java:198)
com.ca.siteminder.webadmin.configuration.Bootstrap.establishTrust(Bootstrap.java:610)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.doIt(InitialLoginBean.java:240)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.login(InitialLoginBean.java:193)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.doPost(InitialLoginServlet.java:72)
javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.service(InitialLoginServlet.java:88)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
com.netegrity.webapp.filter.ConsolePageFilter.doFilter(ConsolePageFilter.java:225)
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:177)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
note The full stack trace of the root cause is available in the JBossWeb/2.0.1.GA logs.
We are getting the following error in smps.log ….Any idea why does this happen ?
Error occurred during “SearchExt” for “(&(xpsNumber=*)(!(xpsCategory=1))(modifytimestamp>=20120113124906z))”, text: Timed out
What happens if you execute that search directly against the LDAP directory outside of SiteMinder (e.g. ldapsearch, jxplorer, Apache Directory Studio, etc.)? Does it return in a short amount of time? If not, it sounds like the directory is not indexed on those attributes or that the indexes need to be updated.
Can anyone suggest for a solution below :
Error occurred during “SearchExt” for “(xpsNumber=*)”, text: Timed out
Extract from smps log.
[2131/21][Mon Jan 16 2012 21:22:58][CA.XPS:LDAP0018][INFO] LDAP Provider Version: supportedldapversion = 2
[2131/21][Mon Jan 16 2012 21:22:58][CA.XPS:LDAP0018][INFO] LDAP Provider Version: supportedldapversion = 3
[2131/21][Mon Jan 16 2012 21:22:58][CA.XPS:XPSIO039][INFO] Database Transactions are OFF.
[2131/21][Mon Jan 16 2012 21:22:58][CA.XPS:XPSIO007][INFO] 2 Parameter(s) loaded from Policy Store, 2 total.
[2131/24][Mon Jan 16 2012 21:23:01][SmPolicyServer.cpp:1895][INFO] Starting key management thread
[2131/28][Mon Jan 16 2012 21:23:01][SmPolicyServer.cpp:1512][INFO] Key management thread started.
[2131/25][Mon Jan 16 2012 21:23:13][SmPolicyServer.cpp:1459][INFO] Starting journal management thread
[2131/29][Mon Jan 16 2012 21:23:13][SmPolicyServer.cpp:1408][INFO] Journaling thread started, will delete commands older than 60 minutes
[2131/21][Mon Jan 16 2012 21:23:18][smldaputils.cpp:880][INFO] Failing back LDAP store type #0 to server ’172.16.82.71:3060′.
[2131/21][Mon Jan 16 2012 21:23:38][CA.XPS:LDAP0014][ERROR] Error occurred during “SearchExt” for “(xpsNumber=*)”, text: Timed out
[2131/21][Mon Jan 16 2012 21:23:38][CA.XPS:XPSIO008][INFO] 0 object(s) loaded from the Policy Store.
[2131/21][Mon Jan 16 2012 21:23:38][CA.XPS:XPSIO026][INFO] Policy Store ID is “73942492-97a5-1004-bf2e-84f9fe800000″.
[2131/21][Mon Jan 16 2012 21:23:38][CA.XPS:AUDIT012][INFO] XPS Auditing is enabled.
This makes Siteminder and OID in hung state.
Thanks Todd for the update.
We can see that these attributes are indexed OID. However, i didnot get which are the directories you have mentioned to be indexed.?
Hi Todd,
Anpother clarification: As in OID i can see that the following attributes are indexed:
xpsNumber
XPSCategory
xpsTombstone
xpsIndexedObject
xpsParameter
xpsKeyValue
xpsValue
xpsTombstone
xpsSortKey and
modifytimestamp
However, should i go ahead and index them through Catalog again ?
Yes. I would reindex the entries in the LDAP directory and then test the search outside of Siteminder through an LDAP client.
Hi Todd,
Thanks. Do we have any command for re-indexing ?
As i had reindexed all the XPS related attributes via catalog and could see in the LDAP browser that all these attributes are indexed. However, after restarting the OID and SiteMinder services again i faced the same issue as below:
————
[2380/21][Mon Jan 16 2012 23:26:28][CA.XPS:LDAP0018][INFO] LDAP Provider Version: orcldirectoryversion = OID 11.1.1.5.0
[2380/21][Mon Jan 16 2012 23:26:28][CA.XPS:LDAP0018][INFO] LDAP Provider Version: supportedldapversion = 2
[2380/21][Mon Jan 16 2012 23:26:28][CA.XPS:LDAP0018][INFO] LDAP Provider Version: supportedldapversion = 3
[2380/21][Mon Jan 16 2012 23:26:28][CA.XPS:XPSIO039][INFO] Database Transactions are OFF.
[2380/21][Mon Jan 16 2012 23:26:29][CA.XPS:XPSIO007][INFO] 2 Parameter(s) loaded from Policy Store, 2 total.
[2380/24][Mon Jan 16 2012 23:26:31][SmPolicyServer.cpp:1895][INFO] Starting key management thread
[2380/28][Mon Jan 16 2012 23:26:31][SmPolicyServer.cpp:1512][INFO] Key management thread started.
[2380/25][Mon Jan 16 2012 23:26:43][SmPolicyServer.cpp:1459][INFO] Starting journal management thread
[2380/29][Mon Jan 16 2012 23:26:43][SmPolicyServer.cpp:1408][INFO] Journaling thread started, will delete commands older than 60 minutes
[2380/21][Mon Jan 16 2012 23:26:49][smldaputils.cpp:880][INFO] Failing back LDAP store type #0 to server ’172.16.82.71:3060′.
[2380/21][Mon Jan 16 2012 23:27:09][CA.XPS:LDAP0014][ERROR] Error occurred during “SearchExt” for “(xpsNumber=*)”, text: Timed out
[2380/21][Mon Jan 16 2012 23:27:09][CA.XPS:XPSIO008][INFO] 0 object(s) loaded from the Policy Store.
[2380/21][Mon Jan 16 2012 23:27:09][CA.XPS:XPSIO026][INFO] Policy Store ID is “73942492-97a5-1004-bf2e-84f9fe800000″.
[2380/21][Mon Jan 16 2012 23:27:09][CA.XPS:AUDIT012][INFO] XPS Auditing is enabled.
[2380/21][Mon Jan 16 2012 23:27:18][CA.XPS:EDIT0056][INFO] No validation warnings will be logged (controlled by CA.XPS::$LogValidationWarnings).
[2380/20][Mon Jan 16 2012 23:27:30][SmObjStore.cpp:303][INFO] Key Update Management is not enabled
[2380/20][Mon Jan 16 2012 23:27:30][SmObjStore.cpp:345][INFO] Key distribution has been initiated by Policy Server
[2380/31][Mon Jan 16 2012 23:32:39][smldaputils.cpp:880][INFO] Failing back LDAP store type #0 to server ’172.16.82.71:3060′.
[2380/31][Mon Jan 16 2012 23:32:59][CA.XPS:LDAP0014][ERROR] Error occurred during “SearchExt” for “(&(xpsNumber=*)(!(xpsCategory=1))(modifytimestamp>=0))”, text: Timed out
—————————
This is the result after cheking whether all the XPS related attributes are indexed or not in OID. Although i am unaware of any re Indexing commands in OID (If Any).
Pls suggest if there is any breakthrough to this. As the SiteMinder comes up, it completely freezes OID and SiteMinder UI as well.
Thanks in advance.
Hi,
We have got a solution for this error.
BY default SiteMInder searches for XPS data only for 20 seconds. We had 29900 data entries for xpsNumber and hence we had to increase the default timing in sm.registry by 10 mins (600s).
The “SearchTimeout” entry which is not present in the default sm.register was updated as below :
HKEY_LOCAL_MACHINESOFTWARENetegritySiteMinderCurrentVersionLdapPolicyStore=20495
AdminDN= cn=orcladmin; REG_SZ
AdminPW= {RC2}4BJMPQgYO5BdMBO/lfBA652fTopG4LXK; REG_SZ
AppSdk= 0; REG_DWORD
CertDbPath= ; REG_SZ
Enabled= 0×1; REG_DWORD
PSRootDN= dc=dcbok; REG_SZ
Server= 172.16.82.71:3060; REG_SZ
Use SSL= 0; REG_DWORD
Version= 5.0; REG_SZ
SearchTimeout= 600; REG_DWORD
However,
we have been hit by another performance issue now. Openign SiteMinder UI or OID-ODSM console is taking enormous time. It seems CA Siteminder guys have got a new CR009 for R12SP3. So i am going to install that patch and then see if the performance issue gets resolved..
Forgot to mention “Thanks Todd” …
Hi George, Manoj,
Have you guys figured out the solution for the issue you are getting ?
I am also getting the same error as your when clicked on the Login button. Please let me know if you found a way to get away with this error.
===
javax.servlet.ServletException: Filter execution threw an exception
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:178)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
root cause
java.lang.UnsatisfiedLinkError: netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Lnetegrity/siteminder/javaagent/InitDef;)I
netegrity.siteminder.javaagent.AgentAPI.javaagent_api_init(Native Method)
netegrity.siteminder.javaagent.AgentAPI.init(AgentAPI.java:509)
com.ca.siteminder.webadmin.configuration.AgentAPIUtilities.init(AgentAPIUtilities.java:198)
com.ca.siteminder.webadmin.configuration.Bootstrap.establishTrust(Bootstrap.java:622)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.doIt(InitialLoginBean.java:240)
com.ca.siteminder.webadmin.configuration.ui.InitialLoginBean.login(InitialLoginBean.java:193)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.doPost(InitialLoginServlet.java:72)
javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
com.ca.siteminder.webadmin.configuration.ui.servlet.InitialLoginServlet.service(InitialLoginServlet.java:88)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
com.netegrity.webapp.filter.ConsolePageFilter.doFilter(ConsolePageFilter.java:225)
com.netegrity.webapp.authentication.FrameworkLoginFilter.doFilter(FrameworkLoginFilter.java:178)
com.netegrity.webapp.filter.LocaleFilter.doFilter(LocaleFilter.java:88)
===
Error: The Policy Server ‘localhost’ is unreachable.
User Name: siteminder
Password: xxxxxx
i am getting the above error after providing the siteminder and password. Everything is installed in a single machine. Why I am getting
“Error: The Policy Server ‘localhost’ is unreachable”
Hi All, I am also getting same error
Error: The Policy Server ‘localhost’ is unreachable.
User Name: siteminder
Password: xxxxxx
i am getting the above error after providing the siteminder and password. Everything is installed in a single machine. Why I am getting
“Error: The Policy Server ‘localhost’ is unreachable”
Glad I’m not alone. I am getting the same unreachable error. Anyone have a fix for this?
Apparently the error is correct. I looked in smconsole and sure enough, the Policy Server is not running.
I have installed Siteminder r12 SP3 WAM. The issue which I am facing is related “Error: The Policy Server ‘localhost’ is unreachable “. I check the Siteminder Policy Server Status from “./smconsole” and found it to be running. Can someone please post some information related to troubleshooting the error.
Regards
Raju Singh
Man, man, man….I got it resolved. Please follow the following step to get rid of this dirty error:
Set Up the Policy Store
a. C:\> smldapsetup status
b. C:\> smldapsetup ldgen -fadamschema.smdif
c. C:\> smldapsetup ldmod -fadamschema.smdif
d. C:\> smreg -su (NOTE: You may need to copy smreg into the siteminder bin directory to complete this step)
So, for me this looks like:
C:\> smreg -su password
e. C:\> smobjimport -i smpolicy.smdif -dsiteminder -w -v
So, for me this looks like:
C:\> smobjimport -i”C:\Program Files\netegrity\siteminder\db\smdif\smpolicy.smdif” -dsiteminder -wpassword -v
That’s it! You should now be able to start the policy server and log-in to the policy server administration UI.
But after this, you may get “Error: No registration on file. ”
Good Luck.
Raju Singh