Symantec Access Management

Tech Tip : CA Single Sign-On : AdminUI hangs on startup: Started 637 of 934 services (211 services failed or missing dependencies, 168 services are lazy, passive or on-demand)

  • 1.  Tech Tip : CA Single Sign-On : AdminUI hangs on startup: Started 637 of 934 services (211 services failed or missing dependencies, 168 services are lazy, passive or on-demand)

    Broadcom Employee
    Posted May 09, 2018 04:31 AM

    Issue:

     


    We're running AdminUI, when we click to see objects, then we get
    error in the browser :

    java.lang.NullPointerException

     

    More, we can see that in the Policy Server logs, there are some missing data structures :

     

    smps.log

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute CA.FED::IdPPartnership.SendACSUrlInAuthnRequest
    is not present in schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute CA.FED::SPPartnership.SecureAuthURL is not
    present in schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute
    CA.FED::SPPartnership.GUIDCookieValidityDuration is not present in
    schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute CA.FED::IdPPartnership.NameIDPolicyFormat is
    not present in schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute CA.FED::IdPPartnership.IssuerFormat is not
    present in schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute
    CA.FED::SAML1xProdToConsPartnership.SecureAuthURL is not present in
    schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute
    CA.FED::WSFEDIPToRPPartnership.AuthenticationLevel is not present in
    schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute CA.FED::WSFEDIPToRPPartnership.SecureAuthURL is
    not present in schema

    [11046/139995791681344][Thu Apr 26 2018
    16:37:37][IdPPartSvc.cpp:122][validateAttrTypes][INFO][sm-xobfed-01641]
    Referenced attribute
    CA.FED::WSFEDIPToRPPartnership.DontSendRecipient is not present in
    schema

    How can we solve this ?

     

    Environment:


    Policy Server 12.8 on RedHat 7;
    Policy Store on ODBC MSSQL 2014;

    Cause:

     


    According to the above Policy Server log lines, there are some Federation data
    structure missing in the Policy Store. The AdminUI needs a healthy and
    complete Policy Store data to works fine.

    Resolution:

     


    To solve the issue, run the following again if you had them ran
    already :

     

    XPSImport ampolicy.xml -npass
    XPSImport fedpolicy-12.5.xml -npass
    XPSImport default-fedobjects-config.xml -npass

    KB : KB000093219