search cancel

Change the hostname in SiteMinder Administrative UI

book

Article ID: 41844

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Question:

We have R12.x Admin UI installed on Windows Server. The hostname of the Server has changed, is there any way to change the hostname in admin UI configuration so that I can access AdminUI with new hostname without reinstalling or modifying local hosts file?

 

Environment

Environment:

R12.0 SP2/SP3, R12.5, R12.51, R12.52, R12.8.x

Resolution

 

Answer:

The only way to change the hostname is by re-configuring the WAM UI and edit the launcher.html file to contain the new hostname.

Please find the below steps to re-configure WAM UI along with editing the launcher.html file:

1. Open the command prompt / shell on the Policy Server

2. Change to the <PS Install Dir>/bin

3. Launch "XPSExplorer":

Run: xpsexplorer

4.Type the option for TrustedHost* ((or whatever number corresponds to TrustedHost*), then hit ENTER

5.Type 's' for Search Objects , then hit ENTER

6.Locate the Trusted Host Object with the Desc: "XPSRegClient" with the host name of the WAMUI possibly listed as an FQDN. It will look something like this:

3-CA.SM::[email protected]
(I) Name : "siteminder"
(C) Desc : "Generated by XPSRegClient"
(C) IpAddr : "0000:0000:0000:0000:0000:FFFF:"
(C) RolloverEnabled : false

or something like this (in R12.8.x)
OBJECT MENU*******************************************************#423912487

------------------------- Object Meta Data ------------------------
         XID: CA.SM::[email protected]
Actual Class: CA.SM::TrustedHost
Base Class: CA.SM::TrustedHost
In Cache: yes 4
     Created: 2020-02-19 02:52:48 GMT
Last Updated: 2020-02-19 02:52:48 GMT
         By: RegisterService (via Internal)
---------------- Attributes from CA.SM::TrustedHost ---------------
    Desc                            = "Generated by XPSRegClient"
    IpAddr                          = "192.168.0.41"
    Name                            = "ps01.ldap1.lab__0"
    PrevSecret
    RolloverEnabled                 = false
    Secret                          = <***>
    SecretGenTime                   =  0
    SecretUsedTime                  =  0
-------------------------------------------------------------------

7.Confirm the Object ID for the Trusted Host Object with the name Desc that corresponds to the WAMUI host (The object id prefaces CA.SM::[email protected]~ .
In the example above, the object id is 3 )

8.Type the object id number which corresponds to the WAMUI Trusted host object, then hit ENTER

9.Type d to delete the selected object id, then hit ENTER.

10.Type 'q' to go back, and then 'q' again, and then 'q' again (until you get the big list where it says 'MAIN MENU')

11.Choose 'q' again to exit XPSExplorer

12.Run XPSSecurity and delete the below entry ('SiteMinder Administrative UI Directory User')

NOTE: XPSSecurity is found in the installation binaries along with smreg and is not copied to the \bin directory during installation.

Sample:
ADMINISTRATORS MENU*********************************************************

 1 - siteminder [SuperUser] [Legacy]
SM://1c8d8ced-6bf6-43c5-84d2-0436360adea3/siteminder

 2 - SiteMinder Administrative UI Directory User
SM-ADMIN-DIRECTORY
Used by the UI for authenticating administrators
 3 - SMWAMUI:localhost__0 [Legacy]
SM://1c8d8ced-6bf6-43c5-84d2-0436360adea3/SMWAMUI:localhost__0

 4 - SMWAMUI:ps01.ldap1.lab__0 [Legacy]
SM://1c8d8ced-6bf6-43c5-84d2-0436360adea3/SMWAMUI:ps01.ldap1.lab__0

-------------------------------------------------------------------

13.Run XPSsweeper from the command line. let this run and complete.

14.Stop the jboss server for the adminui server.

15.Delete the data directory contents under: \adminui\server\default\ or \adminui\standalone\ (in R12.8.x)

16.Run XPSRegclient:

XPSRegclient siteminder:<passphrase> -adminui-setup

17. Edit the launcher.html file to contain the new hostname

18.Start the JBOSS server.

19.Now try to log in the WAMUI again.

Additional Information:

The key point here is that after running the XPSRegclient command, please edit the launcher.html file to contain the new hostname before browsing the Admin UI url.
As, the launcher.html file already contains the old entry, so when the registration is happening and request goes to the Policy Server to create the trustedhost it takes the old hostname.

-> We can find the launcher.html file as per below screenshot:


Attachments