Ujwol Shrestha

Tech Tip : CA Single Sign-On :Policy Server : String or binary data would be truncated

Blog Post created by Ujwol Shrestha Employee on Nov 27, 2016

Issue

Customer experience following error when policy server tries to insert data into smobjlog4 table.

 

smps.log

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = 22001 Internal Code = 8152 -

[DataDirect][ODBC SQL Server Driver][SQL Server]String or binary data would be truncated., SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = 01000 Internal Code = 3621 -

[DataDirect][ODBC SQL Server Driver][SQL Server]The statement has been terminated., SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][CSmDbODBC.cpp:194][ERROR] Data source 'SMAuditLogsDataSource4', State = Internal Code = 3621 - ,

SQLResult=-1 from 'DoExecute'API at '..\..\..\CSmDbODBC.cpp:3559'

[624/2756][Mon Nov 12 2012 17:41:01][SmReportsODBCLog.cpp:349][ERROR] Failed executing audit log insert: Internal Error: Database error. Code is

-4007 (DBMSG: <>>).Code: -4007. DB Code: 3621 

Environment

  • Policy Server : R12.51 and above
  • OS : ANY
  • Audit Database : ANY ODBC Database

Cause

The issue is about because of the field size limitation for sm_objid in Audit log table (smobjlog4). Policy server by default inserts the UserDN attribute in sm_objid & UserName attribute in sm_objname column.

The default column size for sm_objid is 64 byte and 512 byte for sm_objname.

The issue occurs when the UserDN value is greater than 64 byte. 

Resolution

A new registry key has been introduced which will swap the data inserted between sm_objid & sm_objname columns.

So, with the following registry in place, the UserDN will now be inserted into sm_objname column and UserName is inserted into sm_objid  column.

 

Add "SwapObjidObjName" parameter in registry under following path and set the value to 1:

 

Windows 64 Bit 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Netegrity\SiteMinder\CurrentVersion\Report

 

Windows 32 Bit

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Report

 

Non Windows OS

Add the following lines to the sm.registry file:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Report=...

 

SwapObjidObjName=0x1; REG_DWORD

 

Note:

  • If you expect the UserName attribute also to be more than 64 byte then , instead of applying this registry fix you can increase the column size for sm_objid  to 512 as well.
  • Policy server service needs to be restarted after applying the registry changes

Outcomes