SiteMinder R12: Error: No Registration on File

Error: No registration on file

I’m one to usually skim through documentation and like to just start installing software, especially when it comes to something that I’m already familiar with. As it turns out, SiteMinder WAM R12 requires additional steps in order to complete the installation and configuration of the Policy Server. After a number of failed attempts, I finally walked through the SiteMinder WAM R12 online documentation and figured that I was missing a few steps so I thought I’d pen it here to save others some trouble.

The title of this blog post pertains to the error you get when you try to launch the SiteMinder R12 Administrative UI and try to log in using the Siteminder user. As it turns out, it basically means that the Admin UI managed to contact the Policy Server and verify that it is allowed (trust) to act as the Admin UI. The Policy Server does a check and finds no trusted relationship between the two and returns the “No registration on File” error.

The normal route to resolve this issue is to run the XPSClient command (see Quick Guide to installing SiteMinder WAM R12) to register the client (this is done on the Policy Server machine). However, if you didn’t install the Policy Server properly, you will run into issues, which will result in the same error message.

A good indicator that your Policy Server is incorrectly configured is to look at the output when running the XPSRegClient command to reg:

C:CAsiteminderdbsmdif>XPSRegClient siteminder -adminui-setup -t 60 -r 5 -cp -l c:/logs/ -vT

[XPSRegClient - XPS Version 12.0.0200.186] Log output: c:/logs/

CA-XPS:UTIL0041(INFO) : Command Line: XPSRegClient siteminder -adminui-setup -t 60 -r 5 -cp -l c:/logs/ -vT

Password:

Confirm password:

Enter comment (terminate with '.' at the beginning of a line)

Initializing system, please wait...

CA-XPS:INIT0015(INFO) : Initializing XPS Version 12.0.0200.186

CA-XPS:XPSIO039(INFO) : Database Transactions are ON.

CA-XPS:XPSIO007(INFO) : 1 Parameter(s) loaded from Policy Store, 1 total.

CA-XPS:ODBC0017(WARN) : No policy data found

CA-XPS:XPSIO008(INFO) : 0 object(s) loaded from the Policy Store.

CA-XPS:XPSIO026(INFO) : Policy Store ID is "630e35aa-6c25-40ca-a284-1abf0fe1c31f".

CA-XPS:AUDIT012(INFO) : XPS Auditing is enabled.

CA-XPS:EDIT0056(INFO) : No validation warnings will be logged (controlled by CA. XPS::$LogValidationWarnings).

Validating client name, please wait...

CA-XPS:UTIL0017(FATAL) : Read SiteMinder Trusted Hosts FAILED.

CA-XPS:XPSSTOP1(INFO) : Shutting down XPS...

CA-XPS:XPSSTOP2(INFO) : Shutting down XPS housekeeping...

CA-XPS:XPSSTOP1(INFO) : Waiting for Background threads to shutdown...

CA-XPS:XPSSTOP3(INFO) : Releasing XPS configuration cache...

CA-XPS:XPSSTOP4(INFO) : Releasing XPS policy data cache...

CA-XPS:XPSSTOP6(INFO) : Releasing SiteMinder object store connection to XPS...

CA-XPS:XPSSTOP7(INFO) : Releasing XPS audit connection...

CA-XPS:XPSSTOP9(INFO) : XPS Shutdown Complete.

As you can see in the output above, the command executed failed to register the client. If you attempt to log in using the SiteMinder Admin UI Client after running this command, you’ll get the “No Registration Found on File” error. This error is also logged in the smps.log file.

SiteMinder 6.x

For those with previous SiteMinder experience, you probably know the general steps in installing a new instance SiteMinder Policy and get the Policy Store up and running in a few minutes. In a nutshell, this were the basic steps:

  1. Configure the Schema for the Policy Store
    1. For LDAP stores:    run smldapsetup ldgen & ldmod <schema.ldif>
    2. For SQL:      execute SQL queries with the specific sql files provided in the /db/sql folder
  2. Set the super user(siteminder) using smreg to establish the password.
  3. Import the base objects in the smpolicy.smdif file with the ‘smobjimport’ command smpolicy.smdif file
  4. Restart the Policy Server and verify from the smps.log that SiteMinder has successfully started.
  5. You’re done at this point and can launch the SiteMinder Admin UI or if you didn’t opt to configure the SiteMinder UI with an existing web server during the install, you would run the smps-config script.

SiteMinder R12

Here is the new way of installing and configuring the SiteMinder R12 Policy Server

  1. Configure the Schema for the Policy Store
    1. For LDAP Stores:
      1. Run smldapsetup ldgen & ldmod <schema.ldif>
      2. Run smldapsetup ldmod /xps/db/<ldap directory type.ldif> <- This is NEW & a REQUIRED step.
        1. IMPORTANT: This is the step to extend the current schema to include the XPS objects.
        2. NOTE: For some directories (ADAM, AD), you will need to modify the ldif file to specify the root (eg dc=coreblox,dc=com) or the guid (eg B34F9AA5-C669-48E4-B8CF-DF3F5E9EFD20). The guid replacement is the value of the root of the ADAM directory that contains the cn=Configuration object.
    2. For SQL Stores:
      1. Run the sql query (Oracle/MSSQL) located in the /siteminder/db/SQL directory against the designated database instance.
      2. Run the SQLServer.sql or Oracle.sql script located in the /siteminder/xps/db directory to create the XPS objects. <-This is NEW & a REQUIRED Step.
  2. Set the super user(siteminder) using smreg to establish the password.
  3. Import the base objects in the smpolicy.smdif file with the ‘smobjimport’ command smpolicy.smdif file
  4. Import the SiteMinder Policy Store Data Definitions  <- This is NEW and a REQUIRED step
    1. According to the documentation, the sequence in which you execute the steps are important. It warns that not following the sequence will result in a failure to import other objects.
    2. The executable that is used to run the import is XPSDDInstall its located in the siteminderbin directory.
    3. The data defintion files are located in the siteminderxpsdd directory
    4. Here is the sequence that needs to be executed:
      1. XPSDDinstall SmObjects.xdd
      2. XPSDDinstall  EPMObjects.xdd
      3. XPSDDinstall  SecCat.xdd
      4. XPSDDinstall  FssSmObjects.xdd
  5. Restart the Policy Server and verify from the smps.log that SiteMinder has successfully started.
  6. Proceed to installing the SiteMinder Administration UI component or run the XPSRegClient to register a new SiteMinder UI client if you already have installed the SiteMinder Administration UI client.

Logs:

Example of a successful Client registration:

C:CAsiteminderxpsdd>XPSRegClient siteminder -adminui-setup -t 60 -r 5 -cp -l c:/logs/ -vT

[XPSRegClient - XPS Version 12.0.0200.186] Log output: c:/logs/

CA-XPS:UTIL0041(INFO) : Command Line: XPSRegClient siteminder -adminui-setup -t 60 -r 5 -cp -l c:/logs/ -vT

Password:

Confirm password:

Enter comment (terminate with '.' at the beginning of a line)

Initializing system, please wait...

CA-XPS:INIT0015(INFO) : Initializing XPS Version 12.0.0200.186

CA-XPS:XPSIO039(INFO) : Database Transactions are ON.

CA-XPS:XPSIO007(INFO) : 1 Parameter(s) loaded from Policy Store, 1 total.

CA-XPS:XPSIO008(INFO) : 1206 object(s) loaded from the Policy Store.

CA-XPS:XPSIO026(INFO) : Policy Store ID is "630e35aa-6c25-40ca-a284-1abf0fe1c31f".

CA-XPS:AUDIT012(INFO) : XPS Auditing is enabled.

CA-XPS:EDIT0056(INFO) : No validation warnings will be logged (controlled by CA. XPS::$LogValidationWarnings).

Validating client name, please wait...

Preparing registration information, please wait...

Processing complete. Thank you for waiting.

CA-XPS:XPSSTOP1(INFO) : Shutting down XPS...

CA-XPS:XPSSTOP2(INFO) : Shutting down XPS housekeeping...

CA-XPS:XPSSTOP1(INFO) : Waiting for Background threads to shutdown...

CA-XPS:XPSSTOP3(INFO) : Releasing XPS configuration cache...

CA-XPS:XPSSTOP4(INFO) : Releasing XPS policy data cache...

CA-XPS:XPSSTOP6(INFO) : Releasing SiteMinder object store connection to XPS...

CA-XPS:XPSSTOP7(INFO) : Releasing XPS audit connection...

CA-XPS:XPSSTOP9(INFO) : XPS Shutdown Complete.

Here are errors in the smps.log that indicates that you failed to import the XPS objects into the SiteMinder Policy store. See the steps above on how to rectify it

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecDirect" for "Read Parameters" query

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsParameterSetting'.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:XPSIO007][INFO] 0 Parameter(s) loaded from Policy Store, 0 total.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecDirect" for "Initial Policy Data Read" query

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsObject'.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:XPSIO008][INFO] 0 object(s) loaded from the Policy Store.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecDirect" for "Update Parameter Setting" query

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsParameterSetting'.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:XPSIO024][ERROR] Save Policy Store ID failed.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:AUDIT012][INFO] XPS Auditing is enabled.

[3848/196][Thu Jun 10 2010 13:35:18][CA.XPS:EDIT0056][INFO] No validation warnings will be logged (controlled by CA.XPS::$LogValidationWarnings).

[3848/212][Thu Jun 10 2010 13:40:26][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecute" for "Housekeeping Policy Data Read" query

[3848/212][Thu Jun 10 2010 13:40:26][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsObject'.

[3848/212][Thu Jun 10 2010 13:40:26][CA.XPS:ODBC0002][ERROR] 42000:8180 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Statement(s) could not be prepared.

[3848/212][Thu Jun 10 2010 13:40:27][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecDirect" for "Delete Tombstones" query

[3848/212][Thu Jun 10 2010 13:40:27][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsObject'.

[3848/212][Thu Jun 10 2010 13:40:27][CA.XPS:XPSIO040][ERROR] Delete of Tombstones failed.

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecute" for "Housekeeping Policy Data Read" query

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsObject'.

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:ODBC0002][ERROR] 42000:8180 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Statement(s) could not be prepared.

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:ODBC0012][ERROR] An error occurred when calling "SQLExecDirect" for "Delete Tombstones" query

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:ODBC0002][ERROR] 42S02:208 [CA SiteMinder][ODBC SQL Server Driver][SQL Server]Invalid object name 'xpsObject'.

[3848/212][Thu Jun 10 2010 13:45:27][CA.XPS:XPSIO040][ERROR] Delete of Tombstones failed.

I hope you find this article useful and as usual, please don’t hesitate to let us know if you’ve got any questions, comments or tips!