XPS Sweeper integrity report
search cancel

XPS Sweeper integrity report

book

Article ID: 99528

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

 

We're reviewing the XPSSweeper report and we've noticed the objects
appearing as duplicated with Identity Manager, as all of them are used
when integrating Identity Manager with Siteminder. These objects seem
to be properties of a User Directory (Container, paging, stickiness,
etc), which are related to a User Directory. We've noted also that
when Identity Manager is integrated with Siteminder, when we create a
User Directory in Identity Manager, the process creates a matching
User Directory in SiteMinder Policy Store too.

There are objects that are duplicated :

  [1] 
  Object ID: CA.SM::[email protected] 
  Object Name: DIRECTORY_SERVER_STICKINESS 
  Object Path: IMSAdditionalPropertiesSet[32-377cc592-1ad6-4be4-8684-22bde8de8285] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS] 
  Object Description: 

  [2] 
  Object ID: CA.SM::[email protected] 
  Object Name: DIRECTORY_SERVER_STICKINESS 
  Object Path: IMSAdditionalPropertiesSet[32-aa27a1b1-0f4c-4120-aa5d-df239eb8f212] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS] 
  Object Description: 

How can we solve this ?

 

Environment

 

Policy Server 12.8SP3 on RedHat 7

 

Resolution

 

First you should determine if these duplicated errors are all
referring to the same User Directory object (as we should only have
one of each then), or if these are old "orphan" directory objects in
the Policy Store.

Second, if these objects pertain to an existing User Directory, you
should remove the duplicated objects accordingly. For this you can use
the XPSExplorer tool, and check the current Identity Manager User
Directories to see if they are orphan or duplicated and can be
deleted, which can be done from the XPSExplorer tool itself.

This should be solved by renaming the affected objects. To
illustrate :

From those duplicated objects :

  [1] 
  Object ID: CA.SM::[email protected] 
  Object Name: DIRECTORY_SERVER_STICKINESS 
  Object Path: IMSAdditionalPropertiesSet[32-377cc592-1ad6-4be4-8684-22bde8de8285] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS] 
  Object Description: 

  [2] 
  Object ID: CA.SM::[email protected] 
  Object Name: DIRECTORY_SERVER_STICKINESS 
  Object Path: IMSAdditionalPropertiesSet[32-aa27a1b1-0f4c-4120-aa5d-df239eb8f212] / IMSAdditionalProperties[DIRECTORY_SERVER_STICKINESS] 
  Object Description: 

Rename 1 of them as :

  CA.SM::[email protected]
  Object Name: DIRECTORY_SERVER_STICKINESS

to

  CA.SM::[email protected]
  Object Name: DIRECTORY_SERVER_STICKINESS-InternalApp 

Do the same with the other 8 duplicities found.

This would solve the issue on CA Single Sing-On side.

 

Powered by Wolken Software