Symantec Access Management

  • Private Community

  • 1.  Cannot Create a CA Identity Manager Directory or Environment

    Posted Sep 22, 2016 04:05 AM

    Hi All,

     

    I am trying to integrate CA IDM 12.6 SP8 with CA SSO 12.52 SP2. I am getting below error when trying to import CA IDM directory or environment.

     

    Configuring parsed objects...
    Creating the Identity Manager directory "BARD_User_Store_Local"...
    Configuring SiteMinder user directory "BARD_User_Store_Local"...

    An error occurred while configuring Identity Manager. Reverting configured objects...
    Deleting Identity Manager directory "BARD_User_Store_Local" ...
    Error: ImsDirectoryImpl.postCreate

    *********
    1 error(s), 0 warning(s)

     

    I have even modified the following registry settings on CA SSO policy server machine.

    HKLM\SOFTWARE\Netegrity\SiteMinder\CurrentVersion

    ImsInstalled=8.0; REG_SZ

     

    But still no luck. Any help will be highly appreciated.

     

    Thanks



  • 2.  Re: Cannot Create a CA Identity Manager Directory or Environment

    Posted Sep 22, 2016 10:18 PM

    Hi Nishant,

     

    You mentioned:

     

    "I have even modified the following registry settings on CA SSO policy server machine.

    HKLM\SOFTWARE\Netegrity\SiteMinder\CurrentVersion

    ImsInstalled=8.0; REG_SZ"

     

    If you install the IM extension correctly in Siteminder policy server, you don't need to modify the registry key above.

     

    I wonder if you install the IM extension on the policy server?

    Apart from that, have you run the provided script to extend the policy store with IM schema?



  • 3.  Re: Cannot Create a CA Identity Manager Directory or Environment

    Posted Sep 26, 2016 03:14 PM

    All postCreate errors are indications of the problem occurring in the SiteMinder policy server layer. What appears in the smps.log at the time of the failure?

     

    The most common problem is a duplicate object error. This is usually seen when the policy store has been migrated from SM 12.0 to SM 12.5x.

     

    You may have to use the xpsExplorer tool on the Policy Server from the command line and look for an IMSDirectory object called "BARD_User_Store_Local". You should be able to delete that object from XPSExplorer and then attempt the import again.

     

    If this doesn't apply, you should consider opening an issue with Identity Manager support to resolve the issue.



  • 4.  Re: Cannot Create a CA Identity Manager Directory or Environment

    Posted Nov 30, 2016 06:39 PM

    Nishant, did you find resolution for this issue? 



  • 5.  Re: Cannot Create a CA Identity Manager Directory or Environment

    Posted Dec 01, 2016 06:03 AM

    Hi All,

     

    I found the resolution of the issue. The issue was that registry key "IMSInstalled"="8.0" is not present under following location. For 64 bit system, use below location.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Netegrity\SiteMinder\CurrentVersion]

    Create the registry key manually in above location.

     

    If your system is 32 bit, then create the above mentioned registry key in following location.

    HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion

     

    Regards,

    Nishant