Description:

We have installed SiteMinder r12 SP2 from scratch and have timeout and core issues with XPSExplorer/XPSSweeper with a non empty policy store.

We tried to determine the source of the errors and it appears that the XPS tools generate an LDAP request with time limit set to 20s.

After 40s approx. XPS tool abandons the request and generates a "request timed out"

<Please see attached file for image>

Is this parameter hard coded?

We don't see any reason to limit time for ldap requests related to XPS tools, could you please explain?

Solution:

The LDAP search timeout is not hard-coded. You can modify the value of the LDAP search timeout by setting the following registry setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LdapPolicyStore\
SearchTimeout= 0x78;         REG_DWORD

Values should be put in hexadecimal. 0x78 represents 120 seconds.

Changes in the sm.registry takes effect after restarting the SiteMinder policy server service.