When the default "siteminder" administrator account is disabled, other administrator accounts are not able to logon to AdminUI.
For example, there are "siteminder" and "admin" account which are both super users.
When "SiteMinder" account is set to disabled, "admin" account or any other administrators are not able to logon to AdminUI.
Workaround was to use XPSSecurity to remove the "DISABLED" flag from the default siteminder account, and restart the adminui service before we able able to login with the admin account again.
Following error is displayed in the smps.log when "SiteMinder" is disabled and when other admins try to login.
"System Error: Administrator is disabled."
AdminUI uses Policy Store as a "Admin User Store".
And the account used for accessing this "Admin User Store" is the "SiteMinder" account.
So if the "SiteMinder" account is disabled, AdminUI is no longer able to access the Admin Accounts in the user store.
Release : 12.8.06/12.8.06a
Component : SITEMINDER WAM UI
Temporary hotfix is available to address this issue on R12.8.06 and R12.8.06a.
The steps to apply:
1. Turn off the web admin service
2. in siteminder\adminui\standalone\deployments\iam_siteminder.ear\user_console.war\WEB-INF\lib replace webadmin.jar with the new webadmin.jar (after renaming the original one, just in case, for backup)
3. Restart the service
This is planned to be included in the R12.8 SP7.
For R12.8.06 #DE524754
For R12.8.06a #DE534250