Identity Manager doesn't start with "Cannot connect to policy server: Invalid credentials" error
search cancel

Identity Manager doesn't start with "Cannot connect to policy server: Invalid credentials" error

book

Article ID: 26610

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

We can no longer start up Identity Manager. We see the following error in the server.log but no corresponding error in the smps.log.

--------
WARN [ims.default] * Startup Step 4 : Attempting to start PolicyServerService
DEBUG [ims] Unable to connect to the policy server: Invalid credentials
WARN [org.jboss.resource.connectionmanager.JBossManagedConnectionPool] Throwable while attempting to get a new connection:
javax.resource.spi.EISSystemException: Cannot connect to policy server: Invalid credentials
at com.netegrity.ra.policyserver.impl.PSManagedConnectionFactory.createManagedConnection(PSManagedConnectionFactory.java:256)
at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.createConnectionEventListener(InternalManagedConnectionPool.java:451)
at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.getConnection(InternalManagedConnectionPool.java:212)
at org.jboss.resource.connectionmanager.JBossManagedConnectionPool$BasePool.getConnection(JBossManagedConnectionPool.java:496)

Cause:

The determined cause for the "invalid credentials error" is a password mismatch.
The Siteminder administrator's password was changed in Siteminder.
This implied that the existing password in the IM config file "ra.xml" no longer matched the newly set password for the siteminder administrator.

Environment

Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente
Component:

Resolution

To address this please follow the steps below:

1. Reset the password for the Siteminder administrator to a known value by using "SiteMinder Administration console -> Administrators tab".

2. Use the IM password tool located "<Identity Manager Administrative Tools>/PasswordTool/pwdtools.bat" to create a new encrypted password to match the new Siteminder password.

3. Copy and paste the encrypted password into the file "&ltIdentityMinder.ear>\policyserver_rar\META-INF\ra.xml" For example:

<config-property>
<config-property-name>Password&lt/config-property-name>
<config-property-type>java.lang.String&lt/config-property-type>
<config-property-value>put-encrypted-value-here&lt/config-property-value>
</config-property>

4. Restart Identity Manager and Siteminder (Make sure Siteminder has fully started before starting Identity Manager)

Powered by Wolken Software