Error while attempting XPSImport: Duplicate value error for CA.SM::SAMLv2IdP.Name=""
search cancel

Error while attempting XPSImport: Duplicate value error for CA.SM::SAMLv2IdP.Name=""


Article ID: 220794


Updated On:


CA Single Sign-On


Customer has exported a number of auth schemes from a 12.7 policy store and is attempting to import them to a 12.8x policy store using XPSImport.  The import is failing with a series of the following errors:

[669989/139869036062528][Mon Jul 26 2021 15:05:50.562][Validate.cpp:238][Process][WARN][sm-xpsxps-03220] CA.SM::SAMLv2IdP@21-00040238-a8d1-1e8c-a8c7-38420aad0000(): Duplicate value for CA.SM::SAMLv2IdP.Name="": CA.SM::SAMLv2IdP@21-00040238-a8d1-1e8c-a8c7-38420aad0000(),CA.SM::SAMLv2IdP@21-000360ca-0eb0-1e9f-8ea6-38420aad0000().
[669989/139869036062528][Mon Jul 26 2021 15:05:50.562][Validate.cpp:238][Process][WARN][sm-xpsxps-03220] CA.SM::SAMLv2IdP@21-000c723b-ef27-1e46-af1e-38420aad0000(): Duplicate value for CA.SM::SAMLv2IdP.Name="": CA.SM::SAMLv2IdP@21-000c723b-ef27-1e46-af1e-38420aad0000(),CA.SM::SAMLv2IdP@21-000360ca-0eb0-1e9f-8ea6-38420aad0000().
[669989/139869036062528][Mon Jul 26 2021 15:05:50.562][Validate.cpp:238][Process][WARN][sm-xpsxps-03220] CA.SM::SAMLv2IdP@21-00079196-18de-1f97-98d5-38420aad0000(): Duplicate value for CA.SM::SAMLv2IdP.Name="": CA.SM::SAMLv2IdP@21-00079196-18de-1f97-98d5-38420aad0000(),CA.SM::SAMLv2IdP@21-000360ca-0eb0-1e9f-8ea6-38420aad0000().
[669989/139869036062528][Mon Jul 26 2021 15:05:50.562][Validate.cpp:238][Process][WARN][sm-xpsxps-03220] CA.SM::SAMLv2IdP@21-0006ac88-3a59-1e5d-ba4f-38420aad0000(): Duplicate value for CA.SM::SAMLv2IdP.Name="": CA.SM::SAMLv2IdP@21-0006ac88-3a59-1e5d-ba4f-38420aad0000(),CA.SM::SAMLv2IdP@21-000360ca-0eb0-1e9f-8ea6-38420aad0000().


Release : 12.8x

Component : Siteminder


The export file contained a number of references to SAMLv2IdP objects (backing objects for federation configurations).  Some of those SAMLv2IdP objects were missing the Name attribute, thus the import was listing one error for every SAMLv2IdP object that was missing a Name attribute.  You will notice that the second XID listed in each error is the same one for each error; this is because that XID was one of the SAMLv2IdP objects without a Name attribute, and thus it was conflicting with every other SAMLv2IdP object that also lacked a Name attribute.  

The reason this problem was not detected by the 12.7 policy server (including XPSSweeper) is because 12.8 is less tolerant of such errors and thus requires they be corrected before the data can be imported.


Modifying the .xml file the customer was attempting to import by adding the Name attribute/value to each object in which it was missing allowed the import to succeed.  The Attribute name/value pair we added looked like the sample below and was inserted just above the </Object> tag (since the .xml file contained at least one SAMLv2IdP object with the Name attribute, we were able to use that object as a model for our modifications):

                <Property Name="CA.SM::SAMLv2IdP.Name">

Additional Information

We did not attempt to fix the 12.7 policy store since the customer is having no functional issues in that environment and is migrating to 12.8.