Problem:
Creating a SAML 2.0 authentication scheme fails with the following error in the WAM UI:
Error: Task failed.
Fatal: Failed to execute CreateSAMLv2IdPEvent. ERROR MESSAGE: smApiWrappedException:CA.SM::[email protected]: Create failed. (Unknown Failure)
Environment:
Federation versions 12.51 and 12.52, with AD LDS as the policy store
Cause:
AD LDS imposes a limitation when it is used as the policy store: an object whose name contains more than 22 characters cannot be created. If you create an object such as a SAML authentication scheme with a name of more than 22 characters, an error is written to smps.log and the error above is shown in the Admin UI.
The following error appears in smps.log:
[24564/3908668272][Thu Sep 03 2015 18:51:06][SmObjProvider.cpp:187][ERROR][sm-Server-03090] Policy store failed operation 'Save' for object type 'PropertySection' . LDAP Error creating new PropertySection object
Resolution:
To resolve the issue, create SAML 1.x/2.0 and WSFED authentication schemes with names of less than 22 characters. This is a limitation of AD LDS, not of SiteMinder.
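
An added example (not vendor code and not part of the original article): a short Python check that scans smps.log lines for the policy store 'Save' failure quoted above and pre-checks proposed scheme names against the 22-character limit. The candidate names and the first log line are constructed, and treating a name of exactly 22 characters as too long is an assumption, since the article only says that more than 22 fails and less than 22 works.

```python
import re

# Layout of an smps.log line as shown on this page:
# [pid/tid][timestamp][source:line][LEVEL][message-id] text
LINE_RE = re.compile(
    r"^\[(?P<pid>\d+)/(?P<tid>\d+)\]\[(?P<ts>[^\]]+)\]"
    r"\[(?P<src>[^\]:]+):(?P<srcline>\d+)\]\[(?P<level>\w+)\]"
    r"\[(?P<msgid>[^\]]+)\]\s*(?P<text>.*)$"
)
FAIL_RE = re.compile(
    r"Policy store failed operation '(?P<op>\w+)' for object type '(?P<otype>\w+)'"
)
NAME_LIMIT = 22  # from the page; applies when AD LDS is the policy store


def find_save_failures(lines):
    """Return parsed ERROR entries where a policy store 'Save' failed."""
    hits = []
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m or m["level"] != "ERROR":
            continue
        f = FAIL_RE.search(m["text"])
        if f and f["op"] == "Save":
            hits.append({"ts": m["ts"], "msgid": m["msgid"],
                         "source": f"{m['src']}:{m['srcline']}",
                         "object_type": f["otype"]})
    return hits


def name_fits(name, limit=NAME_LIMIT):
    """Assumption: exactly 22 characters is treated as too long (conservative)."""
    return len(name) < limit


SAMPLE_LOG = [
    # Constructed filler line (not real product output).
    "[24564/3908668272][Thu Sep 03 2015 18:51:05][Example.cpp:1][INFO][sm-Example-00000] constructed line",
    # Line quoted on this page.
    "[24564/3908668272][Thu Sep 03 2015 18:51:06][SmObjProvider.cpp:187][ERROR][sm-Server-03090] Policy store failed operation 'Save' for object type 'PropertySection' . LDAP Error creating new PropertySection object",
]
# Constructed scheme names to check before creating them.
CANDIDATES = ["Partner-SAML2-IdP-Production-Scheme", "SAML2-IdP-Prod"]

if __name__ == "__main__":
    for hit in find_save_failures(SAMPLE_LOG):
        print("policy store Save failure:", hit)
    for name in CANDIDATES:
        print(f"{name!r} ({len(name)} chars):", "ok" if name_fits(name) else "too long")
```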