ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error : Failed to initialize policy store in Policy Server

book

Article ID: 237351

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

Having configured automatically the Policy Store, when starting the
Policy Server, this one cannot get the data from the Policy Store and
reports error :

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.098][smldaputils.cpp:525]
  [INFO][sm-Ldap-00540] Opening policy store connection to LDAP server: ' 10.0.0.1:389 '

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.182][SmLdapBulkSearch.cpp:174]
  [CreateRoot][INFO][sm-xpsxps-01160] LDAP Provider Info String = CA Directory

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.222][SmLdapBulkSearch.cpp:228]
  [CreateRoot][INFO][sm-xpsxps-01120]
  LDAP Provider Version: supportedLdapVersion = 3

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.222][SmLdapBulkSearch.cpp:228]
  [CreateRoot][INFO][sm-xpsxps-01120]
  LDAP Provider Version: dxServerVersion = dxserver 14.1.03 (build 16992) Linux 64-Bit

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.224][SmObjStore.cpp:1535]
  [INFO][sm-Server-00060] Object store released

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.224][SmPolicyServer.cpp:864]
  [ERROR][sm-Server-00450]
  Failed to initialize policy store

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.224][CServer.cpp:4204][INFO]
  [sm-Server-04230]
  The suspend timeout is 3600 seconds.

  [2245/139880549197632][Tue Mar 01 2022 11:26:42.224][CServer.cpp:4636][INFO]
  [sm-Server-01880] smpolicysrv shutting down

 

Cause

 

At first glance, once installed the Policy Server, the Policy Store
should be initialized manually and not by using the Policy Server
configurator (1).

In order to manually configure CA Directory as Policy Store, follow
the documentation (2).

 

Environment

 

  Policy Server 12.8SP6 on RedHat 7;
   Jvm 11;
  Policy Store on CA Directory 14.1SP3;

 

Resolution

 

- Manually configure the Policy Store to solve this issue;

- Make sure that the Key Store in the smconsole is configured "Use
  Policy Store database" (3).

 

Additional Information

 

(1)

    Policy Store

      When you install the Policy Server, you can automatically configure
      one of the following directory servers as a policy store: 

      - Microsoft Active Directory Lightweight Directory Services (AD LDS) 
      - Oracle Directory Server (formerly Sun Java System Directory Server) 

      If you do not use the Policy Server to configure a policy store
      automatically, manually configure a policy store after installing the
      Policy Server. After you install the Policy Server, use the Policy
      Server Management Console to point the Policy Server to an existing
      policy store.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/installing/install-a-policy-server/configure-ldap-directory-servers-as-policy-session-and-key-stores.html

(2)

    Configure a Symantec Directory Policy Store
    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/installing/install-a-policy-server/configure-ldap-directory-servers-as-policy-session-and-key-stores/configure-an-ldap-directory-server-as-a-policy-store/configure-a-ca-directory-policy-store.html

(3)

    Error : Failed to connect to datasource Policy server process died
    https://knowledge.broadcom.com/external/article?articleId=139751