When running CA Access Gateway (SPS), this one reports the error:
[14155/140707866306304][Mon Jan 30 2023 21:22:03.996][CSmAgentApiBase.cpp:641][ERROR][sm-AgentFramework-00810] API: SiteMinder Agent Api function failed - 'Sm_AgentApi_DoManagement' returned '-1'.
[14155/140707866306304][Mon Jan 30 2023 21:22:03.997][CSmAdminManager.cpp:934][WARNING][sm-AgentFramework-00340] ADMIN: DoManagement failed. Agent unable to process possible management events.
These errors have been solved by restarting CA Access Gateway (SPS).
At first glance, the agentwaittime parameter may help to fix that problem (1)(2).
What the KDs (1)(2) don't mention is this might happen when the connection between CA Access Gateway (SPS) and Policy Server may be terminated by a Firewall or Loadbalancer too.
When this happens, CA Access Gateway (SPS) doesn't know that the connection has been cut. So it tries still to use it and ends with above error message and 500 in the user's browser.
SM_ENABLE_TCP_KEEPALIVE makes aware the CA Access Gateway (SPS) of such half-terminated connections and prevents thus this issue (3)(4)(5).
On both Policy Server and CA Access Gateway (SPS), enable SM_ENABLE_TCP_KEEPALIVE (6).
(1)
Error: Sm_AgentApi_IsProtectedEx, Sm_AgentApi_LoginEx in Web Agent log
(2)
Error: Agent Api function failed with Web Agent and Load balancer
(3)
Error: Web Agent reports Failover from cluster [0] to cluster [1]
(4)
Error: Sm_AgentApi_Init Failed intermittently in the event viewer log
(5)
All application's URLs down - not accessible and reachable - Web Agent
(6)