Comma removed when modifying an existing policy containing a comma in the LDAP filter in AdminUI

book

Article ID: 77172

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



When we are editing a policy through AdminUI where LDAP user entries were added manually, if the LDAP Filter path contains any comma as attribute value, it is being removed after we save it.

For example:
1) We access AdminUI, and create a new Domain with an LDAP server, Realm, and Rule.
2) Create a Policy and select the Domain, set a Policy name, and on Users step click on Add Entry.
3) Select "Search any entry" on the drop down, and under condition we set:
Role
equals
user,admin
4) Click Add button and LDAP Notation shows as: (role=user,admin)
5) Save changes, and then modify the policy. Edit the LDAP entry on Users tab, and note the notation has changed.
6) If we save changes without modifying anything, the object will be saved without the commas as well.

As workaround, we are creating the policies again from scratch, however this is causing us to dedicate additional time for these modifications, which are very common in our environment.
How can we avoid the commas to be removed?

Environment

AdminUI R12.52 SP1

Resolution

Upgrade the AdminUI to 12.52SP1CR09 :
 

Administrative UI

 
00860588DE321491

Administrative UI removes the comma in a LDAP filter when a user selects to modify an existing policy.

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr09