Patrick-Dussault

Tech Tip : CA Single Sign-On : AdminUI hangs on startup: Started 637 of 934 services (211 services failed or missing dependencies, 168 services are lazy, passive or on-demand)

Discussion created by Patrick-Dussault Employee on May 9, 2018

Issue:

 


We're running AdminUI, when we click to see objects, then we get
error in the browser :

java.lang.NullPointerException

 

More, we can see that in the Policy Server logs, there are some missing data structures :

 

smps.log

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute CA.FED::IdPPartnership.SendACSUrlInAuthnRequest
is not present in schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute CA.FED::SPPartnership.SecureAuthURL is not
present in schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute
CA.FED::SPPartnership.GUIDCookieValidityDuration is not present in
schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute CA.FED::IdPPartnership.NameIDPolicyFormat is
not present in schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute CA.FED::IdPPartnership.IssuerFormat is not
present in schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute
CA.FED::SAML1xProdToConsPartnership.SecureAuthURL is not present in
schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute
CA.FED::WSFEDIPToRPPartnership.AuthenticationLevel is not present in
schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute CA.FED::WSFEDIPToRPPartnership.SecureAuthURL is
not present in schema

[11046/139995791681344][Thu Apr 26 2018
16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
Referenced attribute
CA.FED::WSFEDIPToRPPartnership.DontSendRecipient is not present in
schema

How can we solve this ?

 

Environment:


Policy Server 12.8 on RedHat 7;
Policy Store on ODBC MSSQL 2014;

Cause:

 


According to the above Policy Server log lines, there are some Federation data
structure missing in the Policy Store. The AdminUI needs a healthy and
complete Policy Store data to works fine.

Resolution:

 


To solve the issue, run the following again if you had them ran
already :

 

XPSImport ampolicy.xml -npass
XPSImport fedpolicy-12.5.xml -npass
XPSImport default-fedobjects-config.xml -npass

KB : KB000093219

Outcomes