Tech Tip : CA Single Sign-On : Getting the error: "Failed to define the STS needed for WS-FED Active Profile" when initializing STS

Document created by Albert_Fernandez Employee on Sep 27, 2017
Version 1Show Document
  • View in full screen mode

Issue:

When trying to configure STS in Access Gateway, I am getting the following errors:

 

[STSForOffice365.cpp:458][addResponseAttr][WARN][Assert] Assert failed: wssAttrType
[STSForOffice365.cpp:183][createOffice365STS][WARN][Assert] Assert failed: response
[STSForOffice365.cpp:822][redefineSts][ERROR][sm-xobfed-02776] Failed to define the STS needed for WS-FED Active Profile
[WSFEDIPToRPPartSvc.cpp:625][setRedefined][ERROR][sm-xobfed-01370] setRedefined failed!.
[PartnershipService.cpp:2091][PartnershipService][ERROR][sm-xobfed-02330] PartnershipService failed. Operation: 2

 

Before initializing, I have configured the Entities (Local WSFED IP and Remote RP), the partnership, and added the Security Token Service using the STS Name and STS Context from the partnership.

Cause:

These errors occur when the process is trying to generate related objects, and finds that the policy store is missing some required objects to create them.

Resolution:

In order to solve the issue, please, follow the steps below:

 

1) Stop the Policy Server.
2) Run the following commands:
 XPSDDInstall SmMaster.xdd  (run it from PS /xps/dd folder)
 XPSImport smpolicy.xml -npass   (run it from PS /db folder)

3) Run XPSSweeper tool: 

   XPSSweeper -vT 

    and insure no error are reported

4) Start the Policy Server.

5) Once started, repeat the process to initialize STS.

 

KD : TEC1913177

Attachments

    Outcomes