Symantec Access Management

  • 1.  SMKeyDatabase Question

    Posted Apr 24, 2015 10:12 AM


    Our policy servers are 12.0 SP3 CR9. We no longer need and smkeydatabase on several policy servers and plan on deleting it. Is a restart required for the policy server to pick up that change (i.e realize the DB is no longer there)?



  • 2.  Re: SMKeyDatabase Question

    Posted Apr 24, 2015 01:39 PM

    brodginskicc brodginskicc

     

    If SMKEYDATABASE is not being used, you could leave it there (OR Rename it) - the code path would not be invoked unless the policy configurations have been configured to do so (e.g. Sign an Assertion).

     

    Then when regular scheduled maintenance recycle of Services kick in OR you recycle for some other purpose the effect should take place, Nevertheless, I doubt SMKEYDATABASE is loaded into Policy Server Memory (I know for sure it is loaded into WAOP Memory).

     

    Going forward beyond R12.5 we have CDS in Policy Store and no more SMKEYDATABASE as flat file.

     

     

    Regards

     

    Hubert



  • 3.  Re: SMKeyDatabase Question

    Posted Apr 24, 2015 01:42 PM

    Thanks Hubert. We're in the process of planning for our upgrade to 12.52 and can't wait to have the DB centralized in the Policy store