IDM not creating siteminder objects. Can I share a Policy Server with another IDM Environment?

book

Article ID: 185329

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

I have two separate IMAG environments.  One is already configured on the Siteminder Policy Server.  Can I configure another IGA environments to integrate with SSO?  Currently when I try this the objects do not get created.



 

Cause


Logs show startup works properly but objects do not get created on existing Policy Server.


2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) ################################################
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) # IAM Framework 400.3.0.0.421
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) ################################################
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) ################################################
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) # CA Identity Manager 14.3.0.0.416
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) ################################################
2020-02-12 14:55:58,435 INFO  [ims.Main] (MSC service thread 1-3) ---- CA IAM FW Startup Sequence Initiated. ----
2020-02-12 14:55:58,445 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 1 : Attempting to start ServiceLocator.
2020-02-12 14:56:00,981 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 2 : Attempting to start PolicyServerService
2020-02-12 14:56:01,006 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 3 : Attempting to start ServerCommandService
2020-02-12 14:56:01,043 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 4 : Attempting to start EnvironmentService
2020-02-12 14:56:10,907 WARN  [ims.llsdk.etrustadmindirectory] (MSC service thread 1-3) Not setting tenant key for environment identityEnv
2020-02-12 14:56:43,457 WARN  [org.jgroups.protocols.TP$ProtocolAdapter] (INT-1,shared=tcp) JGRP000031: iamnode1/node1_live_to_node2_backup: dropping unicast message to wrong destination 9aca3d8b-70f2-f1f0-9b19-6e6542a6ecdb
2020-02-12 14:56:43,458 WARN  [org.jgroups.protocols.TP$ProtocolAdapter] (INT-1,shared=tcp) JGRP000031: iamnode1/live: dropping unicast message to wrong destination c2ba4600-5b1c-cea7-9335-5452d544f731
2020-02-12 14:56:46,086 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-3) Exception caught while decrypting.
2020-02-12 14:56:46,086 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-3) java.io.IOException: Error finalising cipher org.bouncycastle.crypto.internal.DataLengthException: last block incomplete in decryption
2020-02-12 14:56:46,198 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 5 : Attempting to start SecretKeyStore
2020-02-12 14:56:46,279 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 6 : Attempting to start CacheManagerService
2020-02-12 14:56:46,282 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 7 : Attempting to load global plugins.
2020-02-12 14:56:46,283 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 8 : Attempting to start AdaptersConfigService
2020-02-12 14:56:46,285 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 9 : Attempting to start EmailProviderService
2020-02-12 14:56:46,289 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 10 : Attempting to start AuditProviderService
2020-02-12 14:56:46,301 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 11 : Attempting to start RuntimeStatusDetailService
2020-02-12 14:56:46,305 INFO  [ims.Main] (MSC service thread 1-3)   dups-OK-acknowledge mode is applied to runtime status message queue
2020-02-12 14:56:46,312 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 12 : Attempting to start PasswordService
2020-02-12 14:56:46,313 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 13 : Attempting to start LogicalAttributeService
2020-02-12 14:56:46,314 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 14 : Attempting to start BLTHService
2020-02-12 14:56:46,315 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 15 : Attempting to start ParticipantResolverService
2020-02-12 14:56:46,315 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 16 : Attempting to start NotificationRuleService
2020-02-12 14:56:46,315 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 17 : Attempting to start EventAdapterService
2020-02-12 14:56:46,315 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 18 : Attempting to start TaskService
2020-02-12 14:56:46,321 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 19 : Attempting to start WorkflowCallbackService
2020-02-12 14:56:46,322 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 20 : Attempting to start WorkflowService
2020-02-12 14:56:46,326 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 21 : Attempting to start TaskStatusNotifyService
2020-02-12 14:56:46,327 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 22 : Attempting to start EventService
2020-02-12 14:56:46,331 INFO  [ims.Main] (MSC service thread 1-3)   dups-OK-acknowledge mode is applied to event message queue
2020-02-12 14:56:46,378 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 23 : Attempting to start AdminService
2020-02-12 14:56:46,380 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 24 : Attempting to start GeneralMonitorAdmin
2020-02-12 14:56:46,382 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 25 : Attempting to start StatusNotificationService
2020-02-12 14:56:46,393 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 26 : Attempting to start GlobalInitializer plug-ins
2020-02-12 14:56:46,479 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 27 : Attempting to start SchedulerService
2020-02-12 14:56:46,662 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 28 : Attempting to start NIMSMIntegrationService
2020-02-12 14:56:46,675 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 29 : Attempting to start environments
2020-02-12 14:56:46,784 INFO  [ims.Main] (MSC service thread 1-3) * Starting environment: identityEnv
2020-02-12 14:56:47,803 INFO  [ims.Main] (MSC service thread 1-3) * Started environment: identityEnv
2020-02-12 14:56:47,953 INFO  [ims.Main] (MSC service thread 1-3) ** FIPS mode enabled : true
2020-02-12 14:56:48,004 INFO  [ims.Main] (MSC service thread 1-3) * Startup Step 30 : Attempting to start ApplicationContextInitializer plug-ins
2020-02-12 14:56:48,070 INFO  [ims.Main] (MSC service thread 1-3) ---- CA IAM FW Startup Sequence Complete. ----
2020-02-12 14:56:48,262 WARN  [org.apache.myfaces.shared_impl.util.LocaleUtils] (MSC service thread 1-3) Locale name in faces-config.xml null or empty, setting locale to default locale : en_US
2020-02-12 14:56:52,458 WARN  [org.jgroups.protocols.TP$ProtocolAdapter] (INT-1,shared=tcp) JGRP000031: iamnode1/ejb: dropping unicast message to wrong destination fe6c4376-ec05-d006-57ed-caec94cce508
2020-02-12 15:00:05,865 ERROR [stderr] (default task-2) ERROR StatusLogger Log4j2 could not find a logging implementation. Please add log4j-core to the classpath. Using SimpleLogger to log to the console...
2020-02-12 15:00:07,621 INFO  [com.workpoint.client.ClientContext] (default task-4) Loaded client properties from URL: vfs:/opt/CA/wildfly-idm/standalone/deployments/iam_im.ear/config/workpoint-client.properties
2020-02-12 15:00:07,624 INFO  [com.workpoint.client.ClientContext] (default task-4) Connected to server at: localhost
2020-02-12 15:00:07,624 INFO  [com.workpoint.servlet.client.WpClientServlet] (default task-4) Loaded properties from vfs:/opt/CA/wildfly-idm/standalone/deployments/iam_im.ear/config/workpoint-server.properties
2020-02-12 15:00:07,630 INFO  [com.workpoint.servlet.client.WpClientServlet] (default task-4) PRODUCT = Workpoint; VERSION = 3.5.2; BUILD = 20140214.P015; BUILD DATE = July 19, 2019
2020-02-12 15:00:07,687 INFO  [com.workpoint.server.ServerProperties] (default task-4) Loaded server properties from /opt/CA/wildfly-idm/standalone/deployments/iam_im.ear/config/workpoint-server.properties
2020-02-12 15:00:07,688 INFO  [com.workpoint.server.ServerProperties] (default task-4) PRODUCT = Workpoint; VERSION = 3.5.2; BUILD = 20140214.P015; BUILD DATE = July 19, 2019
2020-02-12 15:00:07,784 INFO  [com.workpoint.server.ServerProperties] (default task-4) No event configuration File specified in the server properties, so no event subscribers will be configured.

Environment

vApp 14.3 IMAG
2 nodes.  They are shutting down one of the nodes to test with just one node.

Resolution

There is a special set of directions outside of SSO\IGA integration directions.  Use the following withe rs.xml to connect to the Policy server and management console already in place.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/ca-single-sign-on-integration/integrate-ca-single-sign-on-with-ca-identity-manager/enable-a-ca-sso-integration-with-deployed-ca-identity-manger-environments.html#concept.dita_a609a7498decc007f919f4ff2535be4f5642c8d4