Symantec Access Management

  • Private Community
Back to discussions
Expand all | Collapse all

Tech Tip : CA Single Sign-On : Policy Server crashes when initializing the Kerberos Authentication

  • 1.  Tech Tip : CA Single Sign-On : Policy Server crashes when initializing the Kerberos Authentication

    Broadcom Employee
    Posted Aug 02, 2017 07:13 AM

    Issue:


    We're running a Policy Server, and this one crashes when loading the Kerberos Authentication Scheme :

     

    The in-memory Policy Server traces show :

     

    07/04/2017|15:49:39.359|15:49:39|2288|2704|SmObjStore.cpp:3557|IsADEnhanced|

    ||||||||||||||||||||Global Preferences:|||||

    07/04/2017|15:49:39.359|15:49:39|2288|2704|smauthkerberos.cpp:140|SmAuthQuery|

    ||||||||||||||||||||Enter function SmAuthQuery|

    07/04/2017|15:49:39.359|15:49:39|2288|2704|SmAuthServer.cpp:335|||||||||||||||

    |||||||LogMessage:INFO:[sm-Server-02750] Loaded authentication scheme KerbAuth.

    Version 768 . SiteMinder (TM) Kerberos Authentication Scheme|

    07/04/2017|15:49:39.359|15:49:39|2288|2704|smauthkerberos.cpp:183|SmAuthInit||

    |||||||||||||||||||Enter function SmAuthInit|

     

    Stack:

     

    Ordinal9()-[0x56370000] - C:\CA\siteminder\bin\krb5_64.dll

    krb5_cc_resolve()-[0x56377630] - C:\CA\siteminder\bin\krb5_64.dll

    SmAuthenticate()-[0x7FF810282130] - C:\CA\siteminder\bin\smauthkerberos.dll

    SmAuthInit()-[0x7FF8102806F0] - C:\CA\siteminder\bin\smauthkerberos.dll

    SmSamlDataProvider::operator=()-[0x7FF813A4DA90] - C:\CA\siteminder\bin\SmAuth.dll

    CSmAuthUser::AuthenticateUserDir()-[0x7FF813A6DE50] - C:\CA\siteminder\bin\SmAuth.dll

    CSmSessionAssuranceCache::~CSmSessionAssuranceCache()-[0x7FF7464D0A50] - C:\CA\siteminder\bin\smpolicysrv.exe

    CSmAz::SetContextContainer()-[0x7FF746498AD0] - C:\CA\siteminder\bin\smpolicysrv.exe

    CSmSessionAssuranceCache::~CSmSessionAssuranceCache()-[0x7FF7464D0A50] - C:\CA\siteminder\bin\smpolicysrv.exe

    CSmPolicyExtensionCache::~CSmPolicyExtensionCache()-[0x7FF74650E660] - C:\CA\siteminder\bin\smpolicysrv.exe

    CServer::ProcessRequest()-[0x7FF81545FE20] - C:\CA\siteminder\bin\SMUTILITIES.dll

    ThreadPool::Run()-[0x7FF81544B4E0] - C:\CA\siteminder\bin\SMUTILITIES.dll

    ThreadPool::Run()-[0x7FF81544B4E0] - C:\CA\siteminder\bin\SMUTILITIES.dll

    ThreadPoolBase::ThreadProc()-[0x7FF81549D560] - C:\CA\siteminder\bin\SMUTILITIES.dll

    beginthreadex()-[0x7FF814884E78] - C:\Windows\SYSTEM32\MSVCR120.dll

    endthreadex()-[0x7FF814884F94] - C:\Windows\SYSTEM32\MSVCR120.dll

    BaseThreadInitThunk()-[0x7FF81B9F13B0] - C:\Windows\system32\KERNEL32.DLL

    RtlUserThreadStart()-[0x7FF81DAC54B0] - C:\Windows\SYSTEM32\ntdll.dll


    Environment:

     

    Policy Server R12.6.1 on Windows 2012R2 Access Gateway R12.6.1 on Windows 2012R2 Policy Store on CA Directory 12.6

     

    Cause:

     

    The out of the box installation of the Policy Server for R12.6.1 shows missing libraries which are needed for Kerberos processing.

     

    Resolution:

     

    Extract the .dll from package MissingDlls.zip (attached to the KD) and put them in the Policy Server bin\ repository. Restart the Policy Server.

     

    KB :TEC1649417