Symantec Access Management

  • 1.  Anonymous Authentication Scheme

    Posted Jun 05, 2018 11:19 PM

    I am trying to change the Guest DN in the Anonymous Authentication Scheme, and as part of validation I entered an invalid User DN, but I was still able to hit the anonymous protected application and got the GUID created by the agent.

    In the Policy Server trace logs I can see the log statement below.

    LogMessage:ERROR:[sm-Ldap-02230] Error# '32' during search: 'error: No such object matched dn: o=dir,c=us' Search Query = 'uid=*'

    And then the log statement below shows the user is authenticated:

    [** Status: Authenticated. ][][][][][][][][Anonymous][][][][][][][cn=****,o=dir,c=us]

     

    Is this expected? I thought one of the prerequisites for Anonymous authentication is the existence of the Guest DN in the UserDirectory. Can anyone help explain why I am seeing this behaviour, and is it supposed to be like this?

     

    I am using Policy Server R12.52sp1
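
For triage of the behaviour described in the post above, this added example (not from the thread and not the product's own code) scans a trace excerpt and flags Anonymous-scheme authentications whose user DN sits under a base DN that earlier returned LDAP Error# '32'. It assumes the bracketed record layout of the single line quoted above (scheme name as one field, user DN as the last field); the function names and the third sample line are constructed.

```python
import re

# Constructed sample: the two trace lines quoted in the post, in the order reported,
# plus one constructed control line for a directory with no search failure.
SAMPLE_TRACE = """\
LogMessage:ERROR:[sm-Ldap-02230] Error# '32' during search: 'error: No such object matched dn: o=dir,c=us' Search Query = 'uid=*'
[** Status: Authenticated. ][][][][][][][][Anonymous][][][][][][][cn=****,o=dir,c=us]
[** Status: Authenticated. ][][][][][][][][Anonymous][][][][][][][cn=guest,o=example,c=us]
"""

ERR32 = re.compile(r"\[sm-Ldap-02230\] Error# '32' during search: "
                   r"'error: No such object matched dn: ([^']*)'")
AUTH = re.compile(r"\[\*\* Status: Authenticated\. \]((?:\[[^\]]*\])+)")

def norm(dn):
    """Lower-case a DN and drop spaces around commas (naive: no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def under(dn, base):
    """True if dn equals base or is located beneath it."""
    dn, base = norm(dn), norm(base)
    return dn == base or dn.endswith("," + base)

def flag_anonymous_after_err32(trace_text):
    """Return (auth_line, user_dn, failed_base, error_line) tuples for review."""
    failed_bases = {}   # normalised base DN -> line number of the Error# '32'
    findings = []
    for lineno, line in enumerate(trace_text.splitlines(), 1):
        m = ERR32.search(line)
        if m:
            failed_bases[norm(m.group(1))] = lineno
            continue
        m = AUTH.search(line)
        if not m:
            continue
        fields = re.findall(r"\[([^\]]*)\]", m.group(1))
        if "Anonymous" not in fields:    # assumption: scheme name is one field
            continue
        user_dn = fields[-1]             # assumption: user DN is the last field
        for base, err_line in failed_bases.items():
            if under(user_dn, base):
                findings.append((lineno, user_dn, base, err_line))
    return findings

if __name__ == "__main__":
    for hit in flag_anonymous_after_err32(SAMPLE_TRACE):
        print("anonymous auth at line %d for %s; search under %s failed at line %d" % hit)
```

A hit only shows that the two events occurred for the same directory subtree in one trace; it does not by itself establish why the session was granted.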



  • 2.  Re: Anonymous Authentication Scheme

    Posted Jun 06, 2018 01:32 AM

    Hi, 

     

    Will this help you?

     

    CA Single Sign-On Error# '32': Analysis & Resolution — CoreBlox 

     

    Regards,

    Ram,



  • 3.  Re: Anonymous Authentication Scheme

    Posted Jun 06, 2018 01:45 AM

    Hi Sandeep,

     

    LogMessage:ERROR:[sm-Ldap-02230] Error# '32' during search: 'error: No such object matched dn: o=dir,c=us' Search Query = 'uid=*'

     

    Is it serving from the cache? Did you try flushing the cache after changing the Guest DN to a different value?

     

    Regards,
    Leo Joseph.



  • 4.  Re: Anonymous Authentication Scheme

    Posted Jun 06, 2018 09:03 AM

    Hello Joe,

    Yes, I can see the updated DN value in the Policy Server trace log.



  • 5.  Re: Anonymous Authentication Scheme

    Posted Jun 06, 2018 10:08 AM

    Hi Sandeep,

     

    Are you still facing the issue after updating the DN value?

     

    Regards,

    Leo Joseph.



  • 6.  Re: Anonymous Authentication Scheme

    Posted Jul 02, 2018 04:38 PM

    Thanks Joe, I still see it as Authorized.