SM is unable to startup properly in R12.7. Giving errors

Article Id: 131317
Status: Published
Updated On: 25-04-2019 00:38
Products:
CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On
Issue/Introduction:

When we start our Policy Server using start-all command, the Policy 
Server logs reports the error : 

smps.log 

  [41699/140663148173088][Thu Mar 14 2019 
  16:07:13][SmLdapBulkSearch.cpp:749][InitReadsVLV][ERROR][sm-xpsxps-01080] 
  Error occurred during "SearchExt" for 
  "(&(xpsNumber=*)(!(xpsTombstone=*)))", text: Timed out 

and as such the Policy Server doesn't work. How can we fix this ?

Environment:

Policy Server 12.7SP0CR0 on RedHat 6; 
Policy Store on Oracle Directory Server 11.1.1.7.0; 
 

Resolution:

Upgrade the Oracle Directory Server to 11.1.1.7.1 or higher to fix 
index problems : 

  5 Resolved Issues 

    Table 2 Issues Resolved in Release 11g Release 1 (11.1.1.7.1) 
    16737497 DSCONF REINDEX SUFFIX BREAKS ANCESTORID INDEX 

  http://docs.oracle.com/cd/E29127_01/doc.111170/e58086/toc.htm 

also referenced in : 

  How to Tune Oracle Directory Server for Policy Store 
  https://communities.ca.com/docs/DOC-231148987 

Then integrate the indexes to the Policy Store data following the
documentation :

  5. Edit the following ldif file: 

  policy_server_home/xps/db/OracleDirectoryServerBrowse.ldif 

  6. Confirm that the LDAP directory contains the following path 
  before proceeding (replace the Root DN below with your own Root 
  DN): 

  ou=xps,ou=PolicySvr4,ou=siteminder,ou=netegrity<Root_DN> 

  Edit the following LDIF file by putting the <root dn> value from 
  the previous step into the two places where the file has the 
  value of <root dn>: 

  v policy_server_home/xps/db/OracleDirectoryServerBrowser.ldif 

  7. Run the following command: 

  smldapsetup ldmod -fOracleDirectoryServerBrowse.ldif -v 

  - Rebuild the indexes : 

  Configure an Oracle Directory Server as a Policy Store 

  dsconf reindex -h localhost -p port_number -e "ou=Netegrity,root_dn" 
  dsadm reindex -bl -t "Sort xpsSortKey" Instance_Path policysvr4 
  dsadm reindex -bl -t "Sort modifyTimestamp" Instance_Path policysvr4 

  dsadm reindex -b -t xpsNumber -t xpsValue -t xpsSortKey -t 
  xpsCategory –t xpsParameter -t xpsIndexedObject -t xpsTombstone 
  instance_path policysvr4 

  https://docops.ca.com/ca-single-sign-on/12-7/en/installing/install-a-policy-server/configure-ldap-directory-servers-as-policy-session-and-key-stores/configure-an-ldap-directory-server-as-a-policy-store/configure-an-oracle-directory-server-as-a-policy-store