Unable to register WAMUI to PS
Article ID: 205980
Updated On:
Products
Issue/Introduction
We're trying to register the AdminUI with the Policy Server and the AdminUI returns
the following error in the browser :
"An unknown error occurred during deployment"
How can we fix that ?
Environment
Policy Server 12.8SP3 on RedHat 7;
AdminUI 12.8SP3 on RedHat 7;
Cause
Exporting the Policy Store data by running XPSExport command as :
XPSExport pstore.xml -xb -npass
Then we can see in the pstore.xml the data related to permission to
the SM-ADMIN-DIRECTORY administrator as follow :
The SM-ADMIN-DIRECTORY administrator has no right (Grant) :
<Administrator>
<UserPath>SM-ADMIN-DIRECTORY</UserPath>
<Name>SiteMinder Administrative UI Directory User</Name>
<Description>Used by the UI for authenticating administrators</Description>
<MethodsAllowed>4</MethodsAllowed>
<Workspaces />
</Administrator>
Usually, this administrator should have the following rights (Grant) :
<Administrator>
<UserPath>SM-ADMIN-DIRECTORY</UserPath>
<Name>SiteMinder Administrative UI Directory User</Name>
<Description>Used by the UI for authenticating administrators</Description>
<MethodsAllowed>4</MethodsAllowed>
<Workspaces />
<Grant>
<SecurityCategory>!Admin Administration</SecurityCategory>
<Rights>2097152</Rights>
</Grant>
</Administrator>
Resolution
- Stop the AdminUI;
- On the Policy Server, run the command XPSSecurity :
A
look for :
3 - SiteMinder Administrative UI Directory User
SM-ADMIN-DIRECTORY
Used by the UI for authenticating administrators
3
R
G
look for :
9-CA.XPS::SecurityCategory@!Admin Administration
(I) Name : "Admin Administration"
(C) Description : "Administration of administrators, both
regular and API"
9
Q
Grant succeeded.
ADMINISTRATOR RIGHTS MENU*****************************************#904957310
1 - MV - Admin Administration
Q
U
Q
Q
P
Q
- Insure you have run XPSRegClient command less than an hour ago;
- Start the AdminUI and you should be able to register the AdminUI;
Feedback
