search cancel

XPSImport smpolicy.xml failure in 12.8sp6 when DB is used as store.

book

Article ID: 243304

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

During upgrade to 12.8sp6, can not import default policy store objects, when DataBase is used as policy store. 

XPSImport smpolicy.xml -npass
[XPSImport - XPS Version 12.8.0600.2649]
Log output: /opt/smuser/siteminder/log/XPSImport.2022-05-19_090009.log
Initializing XPS, please wait...
(ERROR) : [sm-xadobj-00010] Object store initialization failed.
(FATAL) : [sm-xpsxps-03570] SiteMinder interface initialization failed.
(WARN) : [Assert] Assert failed: pSmStore
(FATAL) : [sm-xpsxps-03570] SiteMinder interface initialization failed.
(FATAL) : [sm-xpsxps-04190] Unable to obtain the XPS Policy Data Interface interface.

Cause

Sometimes the limitation from the RDBMS database has 4000 character limit or lower, Policy server is unable to commit the cert/key pair data to policy store.

But after verification, the VARCHAR2 is already set to 4000. Increasing it did not help.

12.8 SP4 later policy server upgraded 3rd party Datadirect Odbc driver, hence will require an additional entry during data source creation.  

"EnableNcharSupport=0"

This problem does not impact LDAP policy store.

Environment

SiteMinder Policy Server 12.8 SP4 or later

Resolution

The detailed configuration step is documented at section Create an Oracle Data Source on Windows, step 9.

Select Windows ODBC Data Sources in use for policy store, Click the Advanced tab and enter the following in the Extended Options field:

EnableNcharSupport=0

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/installing/install-a-policy-server/configure-odbc-databases-as-policy-session-key-and-audit-stores/configure-odbc-databases-as-audit-store/store-audit-logs-in-oracle.html

Additional Information

https://knowledge.broadcom.com/external/article?articleId=242200
https://knowledge.broadcom.com/external/article?articleId=221407
https://knowledge.broadcom.com/external/article?articleId=229835
https://knowledge.broadcom.com/external/article?articleId=241566