Symantec Access Management

  • 1.  "No such object" error when set up CA directory as policy store

    Posted May 12, 2019 11:49 AM

    Hello 

     

    I am following below manual to set up CA directory as policy store in my new CA SSO 12.8 and CA Directory 14.1 environment.

    Configure a CA Directory Policy Store - CA Single Sign-On - 12.8 - CA Technologies Documentation 

     

    When I ran " XPSDDInstall SmMaster.xdd" command I got error as below.

    It looks like Directory missing some object. Could anybody advise me how to fix it?

    Thank you.

     

    $ XPSDDInstall SmMaster.xdd
    [XPSDDInstall - XPS Version 12.8.0100.1775]
    Log output: /opt/CA/siteminder/log/XPSDDInstall.2019-05-13_002546.log
    Initializing database, please wait...
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type SAML1, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type SAML2, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type WSFED, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (All SAML Affiliations, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (HostTemplates, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (AgentTemplates, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (WS-Security Metadata, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (AuthValidateMap, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for AuthMethodGroup, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type OAuthIdP, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (WS-Security Metadata, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type WSFED, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type SAML2, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata collection for scheme of type SAML1, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (metadata section for AuthMethod, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (All SAML Affiliations, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (AgentTemplates, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (HostTemplates, Unknown Failure)
    (ERROR) : [sm-xadobj-00110] Create failed. (AuthValidateMap, Unknown Failure)
    (FATAL) : [sm-xpsxps-03570] SiteMinder interface initialization failed.
    (WARN) : [Assert] Assert failed: pSmStore
    (FATAL) : [sm-xpsxps-04120] Unable to initialize the XPS library.

     

    /opt/CA/siteminder/log/XPSDDInstall.2019-05-13_002546.log file looks like this.

     

    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjProvider.cpp:188][ERROR][sm-Server-03090] Policy store failed ope
    ration 'Save' for object type 'RootConfig' . LDAP Error Doing LDAP RootConfig_Save in policy store: 32: No such object
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjProvider.cpp:188][ERROR][sm-Server-03090] Policy store failed ope
    ration 'Search' for object type 'Domain' . LDAP Error Doing Domain_Search: 32: No such object
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjCache.cpp:404][INFO][sm-Server-02800] Preloading policy store cac
    he
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjCache.cpp:417][INFO][sm-Server-02860] BulkFetch policy store
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjCache.cpp:420][INFO][sm-Server-02810] Precaching system configuration objects
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjProvider.cpp:188][ERROR][sm-Server-03090] Policy store failed operation 'MultipleSearch' for object type 'Root' . LDAP Error in Root_Fetch for AgentGroups: 32: No such object
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjCache.cpp:493][INFO][sm-Server-02870] BulkRelease policy store
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjProvider.cpp:188][ERROR][sm-Server-03090] Policy store failed operation 'MultipleSearch' for object type 'Root' . LDAP Error in Root_Fetch for AgentGroups: 32: No such object
    [22954/139870772533056][Mon May 13 2019 00:31:10][PolicyCache.cpp:1307][INFO][sm-Server-02880] Building policy cache ...
    [22954/139870772533056][Mon May 13 2019 00:31:10][SmObjProvider.cpp:188][ERROR][sm-Server-03090] Policy store failed operation 'MultipleSearch' for object type 'Root' . LDAP Error in Root_Fetch for AgentGroups: 32: No such object

    ........



  • 2.  Re: "No such object" error when set up CA directory as policy store

    Broadcom Employee
    Posted May 14, 2019 03:04 PM

    Good Afternoon 

    Can you check on smconsole -> data tab "storage" field for both policy store and KStore the values are consistent 

     

    In smconsole, data tab, select from the drop down PStore / KStore. Check what is opted between PStore / KStore. By default when we are configuring manually, the default option on PStore / KStore is ODBC. We often only do the needful on PStore. But we never flip to KStore, thus KStore stays configured to ODBC. We have to also manually flip KStore to use LDAP or use same as PStore.

     

    you can check the following community post for a similar reported issue 

    https://communities.ca.com/thread/241815134-ca-siteminder-127-installation-on-windows-server-failing-during-data-definition

     

    Thanks 

    Syed