I am configuring the Policy Server to integrate the RSA / ACE integration, but I get te following error and thus, I cannot use the RSA authentication :
[SmAuthAceHtml.cpp:896][ERROR] SmAuthenticate:Did not continue to AceInit completion. pEventData->asynchAceRet= 23
How can I solve this problem ?
The ACE SDK lists the error as:
sdacmvls.h:#define ACM_NO_SERVER 23
That means that the ACE server was not available to service the request.
In order to investigate and solve the problem, check and do the following :
- Check values for USR_ACE and VAR_ACE, USR_ACE should point to <siteminder_home>/bin or c:\<siteminder_home>\bin;
- Did you reboot the Policy Server machine since you installed and configured?
- Do you have the key "HKEY_LOCAL_MACHINE\SOFTWARE\SDTI\ACECLIENT\NodeSecret key in the registry ? if yes, could you delete this key, restart the machine and try to reproduce?
- Are the Policy Server and RSA Server time sync?
- Did you remove any sdstatus.12 and securid files from the ACE server before generating the new sdconf.rec for the current configuration ?
- Could you check that all process on the ACE server are up and running?
If all those verifications are fine, then try the following:
- Remove the current sdconf.rec from the non-working Policy Server along with also removing the accompanying sdstatus.12 and securid files.
- On the ACE server, uncheck the node secret sent box for the agent host defined for this Policy Server;
- Regenrate the sdconf.rec file;
- Copy it over to the Policy Server (Winnt\system32) directory if you are on Windows;
- Make sure all the permissions are correct and restart the Policy Server system;