Symantec IGA

  • Private Community

  • 1.  TEWS WSDL Address in CA IDM

    Posted Feb 20, 2019 11:05 AM

    Hi,

    Can someone please confirm how this below TEWS service binding URL is being configured in CA IDM. Currently as per the generated WSDL from IDM, I see the address location is pointing to one individual server but I want to change the address location to the F5 VIP URL. Can some help ?

     


    -<binding name="Tews6PublicSoapBinding" type="tns:Tews6PublicPortType">

    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>

    </binding>


    -<service name="Tews6">


    -<port name="Tews6Port" binding="tns:Tews6SoapBinding">

    <soap:address location="https://Testtews.abc.com:8473/iam/im/TEWS6/eiam"/>

    </port>


    -<port name="Tews6PublicPort" binding="tns:Tews6PublicSoapBinding">

    <soap:address location="https://Testtews.abc.com:8473/iam/im/TEWS6/eiampub"/>

    </port>

    </service>



  • 2.  Re: TEWS WSDL Address in CA IDM

    Broadcom Employee
    Posted Feb 21, 2019 08:46 AM

    Try updating the URL configured for the environment in the management console to be the URL of the load balancer.

     

    I know that this also updates the URL that the Provisioning Server uses to send notifications back to Identity Manager (check this in the Provisioning Manager - you may need to delete the original entry). It may also update the URL used in the TEWS WSDL.



  • 3.  Re: TEWS WSDL Address in CA IDM

    Posted Feb 21, 2019 10:17 AM

    Thank you for your response. 

    In Management console, the base URL is already configured to load balancer URL. But the result is still same.



  • 4.  Re: TEWS WSDL Address in CA IDM

    Broadcom Employee
    Posted Feb 21, 2019 11:15 AM

    Please see:

     

    Incorrect WSDL URL; caim-srv-01 is in the wsdl
    Document ID : KB000124343
    Last Modified Date : 10/01/2019

    https://comm.support.ca.com/kb/caim-srv-01-is-in-the-wsdl/KB000124343

     

    In my test when using https I can go to the https url https://host/iam/im/TEWS6/identityEnv?wsdl and the results show when I search the page:

    <port name="Tews6Port" binding="tns:Tews6SoapBinding">
    <soap:address location="http://caim-srv-01:8080/iam/im/TEWS6/identityEnv"/>

     

    This is not controlled by IMAG. Review the information in the KB but you would need to review with your Administrators.  Webserver redirect, possible SSL proxy, Proxy rules on LB, etc.  Thank you.



  • 5.  Re: TEWS WSDL Address in CA IDM

    Posted Feb 22, 2019 02:08 PM

    Thank you Scott, this solution is not feasible as we are reviewing this option. I will update this community.



  • 6.  Re: TEWS WSDL Address in CA IDM
    Best Answer

    Broadcom Employee
    Posted Feb 27, 2019 09:25 AM

    Being worked through support case 01304344.  Thank you.