search cancel

Reset the CA Siteminder r12.5 Administrative UI Manually


Article ID: 32458


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


 Reset the CA Siteminder r12.5 WAMUI Manually

On occasion it may be necessary to manually ‘Reset’ or reconfigure the CA Siteminder r12.5 WAMUI.  This can be the case when you’ve overwritten an existing Policy Store to which the Policy Server which the WAMUI is configured to connect to has been overwritten by the import of a policy store from another environment.   This may also be necessary when pointing an existing WAMUI at a new environment.  This can frequently be presented as a problem connecting to the Policy Server with the WAMUI where previously it had worked without any problems.

Frequently previous attempts to re-run XPSRegClient and even smreg –su to reset the Siteminder password have not resolved connection issues with the WAMUI.

This document goes through the detailed steps on how to rest an existing WAMUI. However it primarily focuses on the steps when the WAMUI is implemented on the default embedded JBoss application server.

I.      Stop the Application Server Hosting the WAMUI

You will need to stop the application server which is hosting the WAMUI.  The default application server embedded with the CA Siteminder WAMUI is JBoss, however the r12.51 WAMUI is also supported on IBM WebSphere, Oracle WebLogic, and Red Hat JBoss.

ØStop the embedded Jboss Application Server

o   MS Windows:

1.       Open the Services Manager

a.        Start -> Run -> Services.msc


b.       Launch Server Manager and browse to Configuration -> Services.


c.        Start –Control Panel -> Administrative Tools -> Services

2.       Stop the “SiteMinder Administrative UI” service

NOTE: Alternative you could simply run one of the following commands from a command prompt:


net stop SMADMINUI

o   UNIX:

1.       Logon to the host running the WAMUI

2.       Navigate to:

 <WAMUI Home>/CA/siteminder/adminui/bin/administrative_ui_install

3.       Run the following command:

ØStop 3rd Party Application Servers

o   IBM WebSphere: See OEM documentation

o   Oracle WebLogic: See OEM documentation

o   Red Hat JBoss: See OEM documentation


II.   Delete the WAMUI Configuration from the Embedded JBoss Application Server

1.       Logon to the WAMUI host

2.       Navigate the file system to the following directory:

<WAMUI Home>\CA\SiteMinder\adminui\server\default

3.       Delete the entire  data” directory

III.Delete the WAMUI objects from the Policy Store

Delete the SMWAMUI Administrator Account

1.       Open the command prompt / shell on the Policy Server

2.       Change to the <Policy Server Install Dir>/bin

3.       Run "XPSExplorer"":   Run: xpsexplorer

4.        Type ‘13’ for “ 13 – Admin*”, then hit ENTER

5.        Type  's' for “Search Objects”, then hit ENTER

6.       Locate the Admin object with the name "SMWAMUI:siteminder".  It will look something like this:

2-CA.SM::[email protected]

(I) Name :    "SMWAMUI:siteminder"

(C) Rights :    ManageAllDomains,ManageSecurity,ManageUsers,None

7.       Confirm the Object ID for the Admin Object with the name "SMWAMUI:siteminder".

Ø   (The object id prefaces “CA.SM::[email protected]”.  In the example above, the object id is “2”)

8.   Type the object id number which corresponds to the name  "SMWAMUI:siteminder", then hit ENTER

9.   Type ‘d’ to delete the selected object id, then hit ENTER.

10.   Type 'q' to go back,  and then 'q' again,  and then 'q' again (until you get the big list where it says 'MAIN MENU')

11.   Type  56’ for “56 – TrustedHost*” , then hit ENTER

13.   Type  's' for “Search Objects”, then hit ENTER

14.   Locate the Trusted Host Object with the Desc:  "Generated by the Administrative UI" (Altnernatively it may be named “Generated by XPSRegClient”) with the host name of the WAMUI possibly listed as an FQDN.  It will look something like this:

3-CA.SM::[email protected]

(I) Name :     "siteminder"

(C) Desc :      "Generated by XPSRegClient"

(C) IpAddr :  "0000:0000:0000:0000:0000:FFFF:"

(C) RolloverEnabled : false




3-CA.SM::[email protected]

(I) Name :     "

(C) Desc :      "Generated by the Administrative UI"

(C) IpAddr :  "”

(C) RolloverEnabled : false

15.   Confirm the Object ID for the Trusted Host Object with the name Desc that corresponds to the WAMUI host  (The object id prefaces “CA.SM::[email protected]  fwrk~”.  In the example above, the object id is “3”)

16.   Type the object id number which corresponds to the WAMUI Trusted host object,  then hit ENTER

17.   Type ‘d’ to delete the selected object id, then hit ENTER.

18.   Type 'q' to go back,  and then 'q' again,  and then 'q' again (until you get the big list where it says 'MAIN MENU')

19.   Choose 'q' again to exit XPSExplorer

20.   Run XPSSecurity

21.   Delete the 'SiteMinder Administrative UI Directory User')


                                                               i.      Do it only in XPSSecurity.

Ø  XPSSecurity is found in the installation binaries along with “smreg” and is not copied to the \bin directory during installation.

22.   Run XPSsweeper and allow it to complete.

23.   Rest the Siteminder password (using the same password as was previously used):

smreg –su <password>

24.   Start the JBOSS server.

25.   Run XPSRegclient:

XPSRegclient siteminder:<passphrase> -adminui-setup

26.   Now try to log in the WAMUI again.



Component: SMAUI