REQUEST: GET http://server_name.domain_name.com/siteminderagent/forms/login.fcc
RESPONSE: HTTP 404 (File Not Found).
Product: Siteminder
Component: Web Agent
Version: ANY
Web Server: IIS
Web Server OS: Windows Server
NOTE: This issue is specific to MS IIS
In IIS the Web Site is assigned to an Application Pool. The Application Pool is configured with an 'Identity' (user), along with the Managed Pipeline Mode (i.e. Integrated or Classic), along with a number of other settings. When 'ApplicationPoolIdentity' is configured as the identity of an App Pool, then IIS creates a 'built-in user' on the Local Windows Server. An application pool named 'AppPool1' will create a built-in user account (IIS AppPool\DefaultAppPool). This is the user context that the w3wp.exe process for IIS will run under. Likewise, this is the same user that the web agents 'LLAWP.exe' process will also run under since it will be invoked as a child process of the parent 'w3wp.exe' process.
When an 'application' is created in IIS, it will inherit the identity of the web site it is created under. However, the App Pool for the application can be changed.
This HTTP 404 response can occur when being directed to the login.fcc under the following conditions:
This configuration mismatch is causing an issue when the web browser is redirected to the web agent, which is installed under the web site (AppPool1) and the resource is running under AppPool2 with a different user a pipeline mode.
The web site where the web agent is running and the application within that web site that is being protected by the Siteminder Agent need to match
OPTION #1:
Configure the Application to use the same Application Pool as the Web Site
OPTION #2:
Configure the Web Site to use the same Appliction Pool as the Application