Why is the Siteminder WebAgent not starting up?
search cancel

Why is the Siteminder WebAgent not starting up?

book

Article ID: 42460

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Question: 

Why is it that after installing and configuring the webagent on win64 IIS7.5 Windows server 2008 R2, we are able to access protected resources without being challenged?

Environment

Environment:  

Web Server Version: IIS 7.x

Web Server OS & Bit version: windows 2008 R2

SiteMinder Web Agent Version:Answer:  12.0 SP3.x/12.52.x

Resolution

Answer: 

If the "Enable 32-Bit applications" option in the Advanced settings of the application pool you are using is set to "True",  Siteminder webagent will be pulling the settings in the 32bit webagent.conf file.

Please do the following:

  1. Ensure that the webagent is enabled for 32bit applications in the following path:

X:\Program Files\CA\webagent\win32\bin\IIS\webagent.conf

EnableWebAgent="YES" should be set in the webagent.conf file in the above path

 

  1. Then set the below ACO parameters as per below suggestion:

 

X:\Program Files\CA\webagent\win32\log\
Logfile:  Yes
LogFileName32 :  X:\Program Files\CA\webagent\win32\log\wa.log

TraceFile: Yes
TraceFileName32  : X:\Program Files\CA\webagent\win32\log\watrace.log



LogFileName32
Specifies the full path of a log file for a CA Single Sign-On Web Agent for IIS (on 64-bit Windows operating environments protecting 32-bit applications). The 32-bit applications run in Wow64 mode on the 64-bit Windows operating environment. If logging is enabled but this parameter is not set, the Web Agent for IIS appends _32 to the log file name.

Default: No

Limits: For Windows 64-bit operating environments only. Specify the file name at the end of the path.

Example: (Windows 64-bit operating environments using Wow64 mode) web_agent_home\log\WebAgent32.log.

https://docops.ca.com/ca-single-sign-on-12-52-sp1/en/configuring/web-agent-configuration/logging-and-tracing/error-logs-and-trace-logs#ErrorLogsandTraceLogs-SetUpandEnableErrorLogging


TraceFileName32
Specifies the full path to the trace file for the CA Single Sign-On Agent for IIS is running on a 64-bit Windows operating environment and protecting 32-bit applications. Set this parameter if you have a CA Single Sign-On Agent for IIS installed on a 64-bit Windows operating environment and protecting a 32-bit Windows application. The 32-bit applications run in Wow64 mode on the 64-bit Windows operating environment. If trace logging is enabled but this parameter is not set, the Web Agent for IIS appends _32 to the file name.

Default: No default.

Limits: For Windows 64-bit operating environments only. Specify the trace file name at the end of the path.

Example: (Windows 64-bit operating environments using Wow64 mode) web_agent_home\log\WebAgentTrace32.log.


https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-52-01/configuring/web-agent-configuration/logging-and-tracing/how-to-set-up-trace-logging.html

 

  1. Then restart IIS

Additional Information

Additional Information:

You may receive warning "Unable to initialize tracing error" if the 32 bit webagent logging is not configured correctly as per below: 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-52-01/troubleshooting/troubleshooting-agent-configuration.html

Powered by Wolken Software