Symantec Access Management

SiteMinder - XPSDDInstall Error.pdf 

Jan 13, 2017 05:04 PM

 

Problem

 

 

XPSDDInstall SmMaster.xdd


[XPSDDInstall - XPS Version 12.52.0105.2113]

Log output: /opt/ca/siteminder/log/XPSDDInstall.log

Initializing database, please wait...

(ERROR) : [sm-xpsxps-07256] getpwuid failed with error code 0.

(WARN) : [sm-xpsxps-01040] No policy data found

(ERROR) : [sm-xpsxps-07050] Context user is unknown.

(FATAL) : [sm-xpsxps-04390] Unable to establish administration context.

 

 

 

Analysis

 

Strace output shows the library: /usr/lib/libnss_sss.so.2 attempting to be loaded, however the file doesn’t exist (see screen shot below).

The client uses a third-party provisioning tool to manage Unix accounts.  The accounts reside in their AD server.  When you examine /etc/passwd
or /etc/group, there will be no trace of the SiteMinder service account (smuser:smgroup). 

 

 

 

Recommendation

 

Either of the following will solve the problem:

 

  1. Create local accounts on the Unix server (Not PAM or other off-box accounts)
  2. Install required packages to support off-box accounts:
    Note: The libraries shown below match the PAM tool encountered, which this company uses.  The required library may vary for other situations.

    1. sssd-client.x86_64 (64-bit)
    2. sssd-client.i686 (32-bit)

 

Statistics
0 Favorited
12 Views
1 Files
0 Shares
2 Downloads
Attachment(s)
pdf file
SiteMinder - XPSDDInstall Error.pdf   230 KB   1 version
Uploaded - May 29, 2019

Related Entries and Links

No Related Resource entered.