Patrick-Dussault

Tech Tip : CA Single Sign-On : Policy Server :: HouseKeeping Thread LDAP Request : xpsCategory

Discussion created by Patrick-Dussault Employee on Dec 23, 2016

Question :

 

Running Policy Server, the CA Directory Policy Store reports searches like :

 

  ! [7] 20151103.000204.436 #103.15596 TIME : SEARCH 0
  msecs dn="ou=XPS,ou=policysvr4,ou=siteminder,
  ou=netegrity,cn=siteminder" scope=one-level eis=all
  filter=(&(objectClass=xpsObject)(|(xpsCategory=2)
  (xpsCategory=3))(|(modifyTimestamp>=20151102101428.060Z)
  (createTimestamp>=20151102101428.060Z)))

 

What is the meaning of xpsCategory values ?

 

Environment :

 

SiteMinder 12SP3 onwards

 


Answer :

 

  xpsCategory=1 is data dictionary object
  xpsCategory=2 is regular object, like any objects you'll find under "PolicyData" in an export of the Policy Store .xml file
  xpsCategory=3 is security object, like any objects you'll find under "SecurityData" in an export of the Policy Store .xml file

 

So during housekeeping process, the Policy Server uses filter

 

   (&(objectClass=xpsObject)(|(xpsCategory=2)(xpsCategory=3))

 

It's looking for Policy objects or Security objects that have changed.

 

KB : TEC1242723

Outcomes