The SSO Policy Server fails to recognize the correct directory server type being registered when the "smldapsetup" command is executed during policy store setup.
Executing "smldapsetup ldgen -fsample.ldif" during the policy store setup creates a 0KB output sample.ldif file.
- Policy Server - 12.7
- Policy Store - Microsoft Active Directory LDS
- Operating system: Windows 2012 R2
This has been identified as a defect in version 12.7. SE is working on a fix.
Resolution / Workaround:
The smldapsetup command provides a few options for the standard directory servers that can be configured with Single Sign On for policy storage.
smldapsetup can be executed with the argument "-m[n]" during setup, where n is the type number of the policy store type being used.
E.g. smldapsetup ldgen -fsample.ldif -m10, where 10 is the directory type for AD LDS. This type number is shown as <win 2008> but can also be used for <win2012> (tested); the command then creates a valid schema output file, sample.ldif.
CA Internal :
Defect # DE313293 - Dev fix available on Linux
Defect # DE313845 - For Windows, fix is yet to be released.