Symantec Access Management

I'm using CA Directory as a policy store (DSA), seeing below entries on dsa warn log. I have 

set cache-index = all-attributes; Not sure why DSA is reporting these attributes are not indexed. Anyone seen this before?

This is on dxserver 12.6.04 (build 14058) Linux 64-Bit

ps_dsa_warn_20171208.log:[3] 20171208.182356.672 WARN : RDN attribute 'smAgentCommandOID4' is not indexed

ps_dsa_warn_20171208.log:[6] 20171208.174704.935 WARN : RDN attribute 'smServerCommandOID4' is not indexed

Makesh

Setting "set use-rdn-index = true;" may eliminate this warning.

But as commented in this thread we may need to investigate why "set cache-index = all-attributes;" is not getting applied.

The WARN message does say "RDN".

Support case 00973128 is also opened for this same inquiry today. The answer remains the same. The answer should be in attached original thread that Justin responded to.

As per the Justin's comments on the other thread, here is the flow.

During navigation, the DSA will use:

1. RDN index if "set use-rdn-index = true;"
2. if 1 not set, the normal index (cache-index = <attr>)

In my case, RDN index is not set, so the DSA should pick "cache-index" settings, but its not reading this specific settings. Further investigation is needed.

As per the response from SE,

By setting "cache-index=all-attributes" in DSA, all the attributes are indexed and no need to set use-rdn-index. The observed warning getting displayed even after setting cache-index=all-attributes, can be safely ignored. An Internal defect will be created to fix this warning message which would be made available in the upcoming release.