'min-auth'/'authentication' is deprecated. Minimum setting in auth-levels is considered as min-auth when using CA Directory 14.1

book

Article ID: 197028

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

After applying CP2 for VAPP 14.3 we are now seeing the following warning repeatedly:

'min-auth'/'authentication' is deprecated. Minimum setting in auth-levels is considered as min-auth.


Cause

This is due to CP2 updating CA Directory to version 14.1 where min-auth authentication was deprecated:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/release-information/deprecated-components-and-features.html

This message has no impact other than being written to the logs files.

Environment

Release : 14.3 CP2
Component : IdentityMinder(Identity Manager)

Will impact any IDM system connecting into a 14.1 version of CA Directory

Resolution

We will be addressing this in a future release.  To clear this message from the log modify the /CA/Directory/dxserver/config/settings/impd.dxc file to comment out the min-auth security connection:
# security controls
#set min-auth = clear-password;

And reinitialize CA Directory.


Specific VAPP Directions:

1. Log into your VAPP deployment and SU to the dsa user:
>su - dsa

2. Navigate to and edit /opt/CA/Directory/dxserver/config/settings/impd.dxc

3. Comment out the min-auth security line:

# security controls
#set min-auth = clear-password;

4. Reinitialize dxserver with

>dxserver init all


 

 

Attachments