Symantec Access Management

          Validation tool against ADP store:

          (Based upon ADP.zip attachment)

          Problem 1 – not sure what to do or affect these two would have ?

          [9990/1][Fri May 17 2013 06:55:50][SmRealm.cpp:309][CanDelete][WARN][sm-xobsm-00520] CA.SM::Realm@06-0dc8052d-c84e-47b3-9f5c-98ecd0c46192(06-0dc8052d-c84e-47b3-9f5c-98ecd0c46192): Cannot delete Realm object: The global Realm may not be deleted.

          [9990/1][Fri May 17 2013 06:55:52][SmDomain.cpp:62][CanDelete][WARN][sm-xobsm-00510] CA.SM::Domain@03-7bdf31f2-44d7-4d7b-a8f5-5de2eaa0b634(03-7bdf31f2-44d7-4d7b-a8f5-5de2eaa0b634): Cannot delete Domain object: The global Domain may not be deleted.

          Problem 2 found (144 occurrences) – I do not see the dup in the 5-17Store-xb.xml  ?

          [9990/1][Fri May 17 2013 06:55:56][Validate.cpp:160][Process][WARN][sm-xpsxps-03220] CA.SM::SAMLv2IdP@21-43bd5997-5c8b-100f-a0ca-84eb56f60cb3(): Duplicate value for CA.SM::SAMLv2IdP.Name="": CA.SM::SAMLv2IdP@21-43bd5997-5c8b-100f-a0ca-84eb56f60cb3(),CA.SM::SAMLv2IdP@21-da82648a-9072-102f-8dc8-84eb56f60cb3().

          Problem 3 found (one occurrence) – I do not see the dup in the 5-17Store-xb.xml  ?

          [9990/1][Fri May 17 2013 06:55:56][Validate.cpp:160][Process][WARN][sm-xpsxps-03220] CA.SM::AgentTypeAttr@11-8d78bb92-ae15-11d1-9cdd-006008aac24c(WebAgent-OnAuthAccept-Session-AuthContext): Duplicate value for CA.SM::AgentTypeAttr.Name="WebAgent-OnAuthAccept-Session-AuthContext": CA.SM::AgentTypeAttr@11-8d78bb92-ae15-11d1-9cdd-006008aac24c(WebAgent-OnAuthAccept-Session-AuthContext),CA.SM::AgentTypeAttr@11-8d78bb99-ae15-11d1-9cdd-006008aac24b(WebAgent-OnAuthAccept-Session-AuthContext).

          Problem 4 found (one occurrence) – Not too difficult to modify port  - OK

          [9990/1][Fri May 17 2013 06:56:00][SmHostConfig.cpp:101][IsValid][WARN][sm-xobsm-00270] CA.SM::HostConfig@21-b5a6d530-0215-1040-9747-839b3199304d(ADP_Default_Apache): Policy Server="rprodpkihaps1.adp.com,0,44442,44443": Port "0" must be an integer in the range 1-65535.

          Problem 5 found (ten occurrences) - One problem I’m seeing is the process to update the store to R12.51 removes the action types added to the default agenttype results in policy store errors

          Ten Errors:

          [9990/1][Fri May 17 2013 06:56:12][SmRule.cpp:110][IsValid][WARN][sm-xobsm-01430] CA.SM::Rule@0b-37c3fdec-6aa9-100b-a448-844af8f80cb3(Allow Access): Rule Action(s) (Delete) do not match AgentType CA.SM::AgentType@10-8d78bb96-ae15-11d1-9cdd-006008aac24b(Web Agent) Actions.

          The original ADP SMDIF from SiteMinder 6.05.32 export contains the action types, the process of setting up R12.51 over wrote the agent type removing

          objectclass: AgentType

          Oid: 10-8d78bb96-ae15-11d1-9cdd-006008aac24b

          Name: Web Agent

          Desc: SiteMinder Web Agent

          RfcId: 2552

          VendorType: 1

          ResourceType: 1

          VendorSpecificBytes: 0

          Actions: Get, OnAccessAccept, OnAccessReject, OnAuthAccept, OnAuthAttempt, OnAuthChallenge, OnAuthReject, OnAuthUserNotFound, OnAuthAcceptCredentials, Post, Put, ProcessSOAP, ProcessXML, ImpersonateStart, ImpersonateStartUser, Connect, Delete, Head, Options, Trace

          Attributes: 11-8d78bb93-ae15-11d1-9cdd-006008aac24b, 11-8d78bb94-ae15-11d1-9cdd-006008aac24b, 11-8d78bb98-ae15-11d1-9cdd-006008aac24b, 11-8d78bba1-ae15-11d1-9cdd-006008aac24b, 11-8d78bc91-ae15-11d1-9cdd-006008aac24b, 11-8d78bb99-ae15-11d1-9cdd-006008aac24b, 11-d7ae197f-ea07-4dad-bae5-328efd98eae0, 11-8d78bb97-ae15-11d1-9cdd-006008aac24b, 11-8d78bb90-ae15-11d1-9cdd-006008aac24b, 11-8d78bb95-ae15-11d1-9cdd-006008aac24b, 11-8d78bb96-ae15-11d1-9cdd-006008aac24b, 11-8d78bb92-ae15-11d1-9cdd-006008aac24c, 11-8d78bb91-ae15-11d1-9cdd-006008aac24b, 11-8d78bb92-ae15-11d1-9cdd-006008aac24b

                  </Object><!-- Xid="CA.SM::AgentType@10-8d78bb7e-ae15-11d1-9cdd-006008aac24b" -->

                  <Object Class="CA.SM::AgentType" Xid="CA.SM::AgentType@10-8d78bb96-ae15-11d1-9cdd-006008aac24b" CreatedDateTime="2013-04-25T17:29:22" ModifiedDateTime="2013-04-25T17:29:22" UpdatedBy="SMSTUB" UpdateMethod="Internal" ExportType="Replace">

                      <Property Name="CA.SM::AgentType.ResourceType">

                          <NumberValue>1</NumberValue>

                      </Property>

                      <Property Name="CA.SM::AgentType.Name">

                          <StringValue>Web Agent</StringValue>

                      </Property>

                      <Property Name="CA.SM::AgentType.Desc">

                          <StringValue>SiteMinder Web Agent</StringValue>

                      </Property>

                      <Property Name="CA.SM::AgentType.Actions">

                          <StringValue>Get</StringValue>

                          <StringValue>OnAccessAccept</StringValue>

                          <StringValue>OnAccessReject</StringValue>

                          <StringValue>OnAuthAccept</StringValue>

                          <StringValue>OnAuthAttempt</StringValue>

                          <StringValue>OnAuthChallenge</StringValue>

                          <StringValue>OnAuthReject</StringValue>

                          <StringValue>OnAuthUserNotFound</StringValue>

                          <StringValue>Post</StringValue>

                          <StringValue>Put</StringValue>

                          <StringValue>ProcessSOAP</StringValue>

                          <StringValue>ProcessXML</StringValue>

                          <StringValue>ImpersonateStart</StringValue>

                          <StringValue>ImpersonateStartUser</StringValue>

                      </Property><!-- Name="CA.SM::AgentType.Actions" -->