Failed to Insert Audit Records after upgrading to 12.8 SP4 and higher releases
search cancel

Failed to Insert Audit Records after upgrading to 12.8 SP4 and higher releases

book

Article ID: 221407

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

- After Upgrading from 12.7 SP2 to 12.8 SP4 and higher Releases , Policy Server is Failing to insert Audit Records in an SQL Audit Database (oracle or other) which is causing Delay in Auth Transactions 

- policy Server is attempting to insert the Records in the Audit store and keeps failing with the following 

444][8420][11:50:31.755][11:50:31][CSmDbODBC.cpp:1472][CSmDbConnectionODBC::CheckForError][][][][][][][][][][][][22001][-1][[CA SSO][ODBC Oracle Wire Protocol driver]String data, right truncated. Error in parameter 12.][][][][][][SQL Error.][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[06/23/2021][11:50:31.755][4444][8420][            Leave function CSmDbConnectionODBC::DoExecute][11:50:31][CSmDbODBC.cpp:1969][CSmDbConnectionODBC::DoExecute][][][][][][][][][][][][][-1][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][00:00:00.000000][]
[06/23/2021][11:50:31.755][4444][8420][            ][11:50:31][CSmDbODBC.cpp:362][CSmDbConnectionODBC::MapResult][][][][][][][][][][][][-1][][[CA SSO][ODBC Oracle Wire Protocol driver]String data, right truncated. Error in parameter 12.][][][][][][ODBC Error: State = 22001 Internal Code = 0 - s - MappedResult:-4007][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[06/23/2021][11:50:31.755][4444][8420][            LogMessage:ERROR:[sm-Server-04590] Failed executing single audit log insert: Internal Error: Database error.  Code is -4007 (DBMSG: <<<State = 22001 Internal Code = 0 - s>>>). Code: -4007. DB Code: -1][11:50:31][SmReportsODBCLog.cpp:942][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[06/23/2021][11:50:31.755][4444][8420][            Closing statement handle  '554891040'.][11:50:31][CSmDbODBC.cpp:4336][CSmDbConnectionODBC::DoClose][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[06/23/2021][11:50:31.755][4444][8420][            Release connection reference. ReferenceCount = '25'][11:50:31][CSmDbConnection.cpp:241][CSmDbConnection::ReleaseReference][]


Attempted to reconnect 15 times and then gave up and record dropped eventually and user marked still as Authenticated 

[06/23/2021][11:50:33.787][4444][8420][            All 15 attempts to flush audit records to the audit database have failed.  We disable the retry mechanism until at least one write is successful.][11:50:33][SmReportsODBCLog.cpp:1134][SmReportsLogAccess][
[06/23/2021][11:50:33.787][4444][8420][            LogMessage:ERROR:[sm-Server-02700] Failed to write audit log record. Record dropped.][11:50:33][SmReportsODBCLog.cpp:1182][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[06/23/2021][11:50:33.787][4444][8420][            LogMessage:ERROR:[sm-Server-02700] Failed to write audit log record. Record dropped.][11:50:33][SmReports.cpp:1812][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][

 

Environment

Release : 12.8 SP4 and Higher on Windows and Linux OS 

Component : SITEMINDER -POLICY SERVER

Resolution

Customer upgraded 12.7.02 to 12.8.04, The difference observed between both versions is 

-  Data direct Odbc driver is upgraded.

-  Added new parameter enableNcharsupport=0  in 12.8.04  (related to N-types NCHAR, NVARCHAR2, and NCLOB support by the Driver) 

 

This registry setting should be there for audit data source enableNcharsupport=0 in registry as Indicated in the guide 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/installing/install-a-policy-server/configure-odbc-databases-as-policy-session-key-and-audit-stores/configure-odbc-databases-as-audit-store/store-audit-logs-in-oracle.html

 

 

https://knowledgebase.progress.com/articles/Article/8556

Enable N-CHAR Support
Attribute EnableNcharSupport (ENS)

Description
Determines whether the driver provides support for the N-types NCHAR, NVARCHAR2, and NCLOB. These types are described as SQL_WCHAR, SQL_WVARCHAR, and SQL_WLONGVARCHAR, and are returned as supported by SQLGetTypeInfo. In addition, the "normal" char types (char, varchar2, long, clob) are described as SQL_CHAR, SQL_VARCHAR, and SQL_LONGVARCHAR regardless of the character set on the Oracle server.
See "Unicode Support" on page 300 for details.

NOTE: Valid only on Oracle 9i and higher.

Powered by Wolken Software