After installing and configuring the AdminUI properly and having
registered the AdminUI running XPSRegclient, when trying to login to
the AdminUI I get this error in the browser :
Error : "Invalid user name and password combination"
The policy server logs shows also an handshake error with the
AdminUI :
[SmPolicyServer.cpp:1006][ERROR] Handshake error: Unknown Tunnel agent 'smtunnel-siteminder' in hello message
[CServer.cpp:1630][ERROR] Handshake error: Unknown client name 'smtunnel-siteminder' in hello message
[CServer.cpp:1728][ERROR] Bad security handshake attempt. Handshake error: 3160
[CServer.cpp:1749][ERROR] Handshake error: Bad hostname in hello message
[CServer.cpp:1901][ERROR] Failed handshake with XXX.YYY.ZZZ.VVV:NNN
AdminUI 12.8SP6 on RedHat 8;
Policy Server 12SP3CR02 on Solaris;
The problem is because all components are not at the same level
version.
Policy Server and Store 12SP3 cannot be managed with an AdminUI 12.8.
Install an AdminUI 12.8SP6 only at the last step during an upgrade.
Following the upgrade guide (1)(2).
To migrate a deployment with multiple Policy Servers and agents,
remove one of the components from the environment. While the component
is being upgraded, the remaining components continue to protect
resources. Continue removing and upgrading components until all
components are upgraded or operating in mixed-mode compatibility.
The following figures show a simple r12.5x environment. The stages
detail the order in which existing components are upgraded. Each
figure depicts a single policy store and key store. However, a
deployment can use separate policy and key stores.
1. In stage one, an r12.5x Policy Server is upgraded. The 12.8.x
Policy Server operates in compatibility mode. Consider the
following items:
- The r12.5x agents continue to communicate with the 12.8.x
Policy Server.
- The 12.8.x Policy Server continues to communicate with the
r12.5x policy and key store.
- The r12.5x Policy Server continues to communicate with the
r12.5x policy and key store.
2. In stage two, the remaining Policy Server is upgraded to
12.8.x. The 12.8.x Policy Servers operate in compatibility mode
with the r12.5x policy and key store.
3. In stage three, the collocated r12.5x policy and key store is
upgraded to 12.8.x.
4. In stage four, the Administrative UI is upgraded.
Note from the above that the Upgrade the r12.x Administrative UI is
at the last stage !