BackwardCompatibleMode atribute in Unix sm.registry file of Siteminder SSO v12.52

book

Article ID: 101652

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



We're migrating a test environment with two backend Policy Servers
12.52, to 12.7. The operating system is Red Hat 6.8 and
documentation talks about adding the attribute BackwardCompatibleMode
while migrating versions to avoid agent key update rollover problem.

The question is that, when reading the "sm.registry" file of Policy
Server, it has windows registry format and don't know how to add this
value at unix file. We have searched knowledge and communities and
found this tip

https://communities.ca.com/community/ca-security/ca-single-sign-on/blog/2017/12/04/tech-tip-ca-single-sign-on-policy-serveran-agent-change-key-command-was-received-that-contained-a-set-of-null-keys

but it's not solving the problem.

Can you help us in how to add this value at sm.registry file over unix
operating system?

Environment

Release: MSPSSO99000-12.7-Single Sign-On-for Business Users-MSP
Component:

Resolution

The syntax should be :
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\PolicyServer BackwardCompatibleMode= 0x1; REG_DWORD

Note that this registry setting is available only from Policy Server 12.7