Alternative solution to Failed to get the DD Reference for an Attribute, Attr = CA.FED::PartnershipBase.EnableIdentityMapping error message
search cancel

Alternative solution to Failed to get the DD Reference for an Attribute, Attr = CA.FED::PartnershipBase.EnableIdentityMapping error message

book

Article ID: 230966

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder)

Issue/Introduction

The customer reported an issue saving new or modifying existing partnerships. In logs, we saw this message:

[ERROR] com.ca.federation.adminui.backingbean.federation.PartnershipListBean [] - **ERROR** com.ca.fedxps.api.remote.FedXPSException during UI operation.
com.ca.fedxps.api.remote.FedXPSException: com.ca.federation.client.XPSException: Failed to get the DD Reference for an Attribute, Attr = CA.FED::PartnershipBase.EnableIdentityMapping, Vendor = CA, Prod = FED, Class = PartnershipBase : CA : XPS : sm-xpssvc-00140
 at com.ca.fedxps.api.remote.FedXPSObjectStore.update(Unknown Source) ~[fedremoteapi.jar:?]

Normally this message indicates that the Data Definition for this object is missed or incorrect. The standard solution is to reimport the DD file again, in this case it would be the FedObjects.xdd.

See : https://knowledge.broadcom.com/external/article/49234/failed-to-get-the-dd-reference-for-an-at.html

However in this case, importing the FedObjects.xdd or the SmMaster.xdd did not resolve or change the error in anyway.

Environment

Policy Server 12.8 SP2

AdminUI 12.8 SP3

Cause

It was noticed that the AdminUI was reporting a version mismatch. The AdminUI was on 12.8 SP3 whereas the Policy Server was on 12.8 SP2. This meant the Policy Store, base objects, and Data Definitions would also be at 12.8 SP2.

In the AdminUI, when creating a Partnership, after you add in the User directory, the Enable Identity Mapping checkbox would appear. However, when we looked in XPSExplorer under FED, PartnershipBase, we could not see this attribute. For comparison purposes we checked the same steps on a 12.SP2 AdminUI, and the checkbox did not appear after adding the User Directory.

This meant that the Enable Identity Mapping was new to 12.8 SP3 and did not exist in 12.8 SP2, which is why the UI could not save that setting, preventing the partnership itself from being saved.

Resolution

The solution here is to either

1) upgrade the Policy Server and Stores to 12.8 SP3 so they would have the newer Data Definitions imported, which would have the missing attribute needed to save the value of the Enable Identity Mapping checkbox.

2) downgrade the AdminUI to 12.8 SP2 so that the feature set the UI is using matches the Data Definitions of the Policy Store, meaning no Enable Identity Mapping checkbox in this specific case.

The customer opted for #2 and verified this resolved their issue.

Powered by Wolken Software