Multiple Policy Servers Hung with Event Viewer messages

Article Id: 111085
Status: Published
Updated On: 14-08-2018 12:05
Products:
CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On
Issue/Introduction:

Multiple Policy Servers Hung with Event Viewer messages.

The Application logs in the Event viewer showed:

Faulting application name: smpolicysrv.exe, version: 12.52.201.6565, time stamp: 0x574c548c Faulting module name: NSLDAPPR32V60.dll, version: 0.0.0.0, time stamp: 0x4e98476a Exception code: 0xc0000005 Fault offset: 0x000025e5 Faulting process id: 0xa4c Faulting application start time: 0x01d419aef304ff69 Faulting application path: D:\Program Files\CA\siteminder\bin\smpolicysrv.exe 
Faulting module path: D:\Program Files\CA\siteminder\bin\NSLDAPPR32V60.dll 
Report Id: 71268e78-8977-11e8-80ea-005056830654 
Faulting package full name: 

The System logs in the Event Viewer showed:

Warnings about ports 44441,44442,44443,4444 of the Policy Server

Closing a TCP socket with local port number 44442 in process 2636 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products. 

Cause:

It was determined that a batch of Microsoft Security patches had been applied to the server.
The customer then proceeded to test each patch individually to isolate the problem.
 

Environment:

Policy Server 12.52 SP02 CR01
Windows Server 2012 R2

Resolution:

It was specifically narrowed down to KB4338824 from July 10, 2018. Removing this Windows patch resolved the Policy Server crashes.