Symantec SiteMinder

  • Private Community
 View Only

Tech Tip : CA Single Sign-On :Policy Server : String or binary data would be truncated

By Ujwol posted Nov 27, 2016 06:17 PM

  

Issue

Customer experience following error when policy server tries to insert data into smobjlog4 table.

 

smps.log

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = 22001 Internal Code = 8152 -

[DataDirect][ODBC SQL Server Driver][SQL Server]String or binary data would be truncated., SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = 01000 Internal Code = 3621 -

[DataDirect][ODBC SQL Server Driver][SQL Server]The statement has been terminated., SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = Internal Code = 3621 - ,

SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][SmReportsODBCLog.cpp:349][ERROR] Failed executing audit log insert: Internal Error: Database error. Code is

-4007 (DBMSG: <>>).Code: -4007. DB Code: 3621 

Environment

  • Policy Server : R12.51 and above
  • OS : ANY
  • Audit Database : ANY ODBC Database

Cause

The issue is about because of the field size limitation for sm_objid in Audit log table (smobjlog4). Policy server by default inserts the UserDN attribute in sm_objid & UserName attribute in sm_objname column.

The default column size for sm_objid is 64 byte and 512 byte for sm_objname.

The issue occurs when the UserDN value is greater than 64 byte. 

Resolution

A new registry key has been introduced which will swap the data inserted between sm_objid & sm_objname columns.

So, with the following registry in place, the UserDN will now be inserted into sm_objname column and UserName is inserted into sm_objid  column.

 

Add "SwapObjidObjName" parameter in registry under following path and set the value to 1:

 

Windows 64 Bit 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Netegrity\SiteMinder\CurrentVersion\Report

 

Windows 32 Bit

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Report

 

Non Windows OS

Add the following lines to the sm.registry file:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Report=...

 

SwapObjidObjName=0x1; REG_DWORD

 

Note:

  • If you expect the UserName attribute also to be more than 64 byte then , instead of applying this registry fix you can increase the column size for sm_objid  to 512 as well.
  • Policy server service needs to be restarted after applying the registry changes
1 comment
3 views