Working Around the SiteMinder AdminUI External Authentication Lockout

Discussion created by masvi10 Employee on Aug 14, 2012
Latest reply on Aug 15, 2012 by Chris_Hackett

Tuesday Tip by Jonathan Taft, Senior Support Engineer, for 8-14-12

There have been enquiries about getting locked out of a newly configured R12 Administration UI (AdminUI) external authentication store. Administrators are apparently locked out when they misconfigure a parameter called “disabledstate” when using the AdminUI’s external authentication store setup wizard via the AdminUI.

If this parameter is set to a value in their LDAP store that is ALREADY USED to store LDAP values, this causes the lockout. SiteMinder needs this to be an unused empty data field such as ‘carlicense’ or ‘jpegphoto’ to store disabled state information. However, if this issue has already occurred, you need to take a step back first so the SiteMinder administrator is able to get back into the AdminUI.

Hence, at this juncture, these are the steps needed:

Stop JBoss service

Delete the folder: <CA Install location>\SiteMinder\adminui\server\default\data

(Note: This defaults the user back to using policy store authentication.)

Restart JBoss service

Log back in using the original policy store based user and password.

Once you get back into the AdminUI, you then can confront this issue and have the customer use one of these empty fields described above when redoing the wizard for the AdminUI external authentication store setup.