I am configuring the Policy Server to integrate the RSA / ACE integration, but I get te following error and thus, I cannot use the RSA authentication :

[SmAuthAceHtml.cpp:896][ERROR] SmAuthenticate:Did not continue to AceInit completion. pEventData->asynchAceRet= 23

How can I solve this problem ?

The ACE SDK lists the error as:

sdacmvls.h:#define ACM_NO_SERVER 23

sdacmvls.h

That means that the ACE server was not available to service the request.

In order to investigate and solve the problem, check and do the following :

- Check values for USR_ACE and VAR_ACE, USR_ACE should point to <siteminder_home>/bin or c:\<siteminder_home>\bin; 

- Did you reboot the Policy Server machine since you installed and configured?

- Do you have the key "HKEY_LOCAL_MACHINE\SOFTWARE\SDTI\ACECLIENT\NodeSecret key in the registry ? if yes, could you delete this key, restart the machine and try to reproduce?

- Are the Policy Server and RSA Server time sync?

- Did you remove any sdstatus.12 and securid files from the ACE server before generating the new sdconf.rec for the current configuration ?

- Could you check that all process on the ACE server are up and running?

If all those verifications are fine, then try the following:

- Remove the current sdconf.rec from the non-working Policy Server along with also removing the accompanying sdstatus.12 and securid files. 

- On the ACE server, uncheck the node secret sent box for the agent host defined for this Policy Server; 

- Regenrate the sdconf.rec file;

- Copy it over to the Policy Server (Winnt\system32) directory if you are on Windows;

- Make sure all the permissions are correct and restart the Policy Server system;