search cancel

Error: Fail to create object with Policy Server Session Store update

book

Article ID: 143417

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

 

When running a Policy Server as IDP in the Federation scenario and when a user logs in, the Policy Server faces a problem to set the session data into the Session Store. The Policy Server log reports an error :

  [2616/1932][Tue Jan 07 2020 11:55:41][SmSSInLDAPStore.cpp:1173][ERROR]
  [sm_LoginLogout_01001] Fail to create object
  cn=mzL4dsadPlzAHHKi1NYrSTIf0\+mht2Zy3bmz9AaLx7qs\=,smSessionId=hcdsad1UA4Ip/n5ddsbz79jLdGkM\=,o=mysessionstore. (32)

  [2616/1932][Tue Jan 07 2020 11:55:41][SmSessionServer.cpp:785][ERROR][sm-Server-06007]
  failed. Error code : 2

  [2616/1932][Tue Jan 07 2020 11:55:41][IsAuthorized.cpp:68][ERROR][sm-Server-02740]
  SmSessionVariableProvider::SetSessionVariable() - SetVariable Failed for :
  UserNameIDFormat.SP.21-4b15aa6c-f399-4158-a830-8f965545b81a

A KD reports a similar issue, but the parameter request to be set from this one doesn't solve the issue (1).

 

Environment

 

Policy Server 12.8SP3 on RedHat 7

 

Resolution

 

Check if the realms are all persistent and decide if persistence is needed or not. Having a mixture of persistent and non-persistent realms can provoke this error. Remove also all SLO configurations that are not in use.

 

Additional Information

 

(1)

    IWA + Federation Configuration Issues