Tech Tip : CA Single Sign-On : Getting the error: "Failed to define the STS needed for WS-FED Active Profile" when initializing STS

Document created by Albert_Fernandez Employee on Sep 27, 2017
Version 1Show Document
  • View in full screen mode


When trying to configure STS in Access Gateway, I am getting the following errors:


[STSForOffice365.cpp:458][addResponseAttr][WARN][Assert] Assert failed: wssAttrType
[STSForOffice365.cpp:183][createOffice365STS][WARN][Assert] Assert failed: response
[STSForOffice365.cpp:822][redefineSts][ERROR][sm-xobfed-02776] Failed to define the STS needed for WS-FED Active Profile
[WSFEDIPToRPPartSvc.cpp:625][setRedefined][ERROR][sm-xobfed-01370] setRedefined failed!.
[PartnershipService.cpp:2091][PartnershipService][ERROR][sm-xobfed-02330] PartnershipService failed. Operation: 2


Before initializing, I have configured the Entities (Local WSFED IP and Remote RP), the partnership, and added the Security Token Service using the STS Name and STS Context from the partnership.


These errors occur when the process is trying to generate related objects, and finds that the policy store is missing some required objects to create them.


In order to solve the issue, please, follow the steps below:


1) Stop the Policy Server.
2) Run the following commands:
 XPSDDInstall SmMaster.xdd  (run it from PS /xps/dd folder)
 XPSImport smpolicy.xml -npass   (run it from PS /db folder)

3) Run XPSSweeper tool: 

   XPSSweeper -vT 

    and insure no error are reported

4) Start the Policy Server.

5) Once started, repeat the process to initialize STS.


KD : TEC1913177