Symantec Identity Management

Expand all | Collapse all

Unable to login to CA Identity minder console

  • 1.  Unable to login to CA Identity minder console

    Posted 01-16-2015 03:58 AM

    Hi All,

     

    Facing an issue where we are unable to get the login page for CA Identity minder console. When we hit the URL. the following screen is displayed directly as if the user has logged in

     

    There is an error in the logs as well as follows. (not sure whether they are connected)

     

     

    2015-01-15 09:56:07,985 WARN  [ims.ui] Could not find attribute : %FULL_NAME% taskName : null ex : null

    2015-01-15 09:56:08,001 WARN  [ims.ui] Could not find attribute : %USER_ID% taskName : null ex : null

    2015-01-15 09:57:17,382 ERROR [ims.llsdk.role.azengine] Unable to locate administrator user in the corporate directory

    2015-01-15 09:57:17,382 ERROR [ims.ui] com.netegrity.llsdk6.imsapi.exception.ImsRuntimeException

    [facility=4 severity=3 reason=0 status=6 message=Unrecognized command]

    Unable to locate administrator user in the corporate directory

    at com.netegrity.llsdk6.imsimpl.securityengine.PolicyEngine.getAdministratorsTasks(PolicyEngine.java:1266)

    at com.netegrity.llsdk6.imsimpl.provider.AdminTaskProviderImpl.getAdministratorsTasks(AdminTaskProviderImpl.java:482)

    at com.netegrity.webapp.util.TaskCategoryHelper.getAllAdminTasks(TaskCategoryHelper.java:689)

    at com.netegrity.webapp.util.TaskCategoryHelper.initAllTasks(TaskCategoryHelper.java:111)

    at com.netegrity.webapp.util.TaskCategoryHelper.getAllTasks(TaskCategoryHelper.java:87)

    at com.netegrity.webapp.util.TaskCategoryHelper.<init>(TaskCategoryHelper.java:704)

    at com.netegrity.webapp.util.TaskCategoryHelper.getInstance(TaskCategoryHelper.java:66)

    at idm_jsp.app.ui7.index_jsp._jspService(Unknown Source)

    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

     

     

    Has any one faced this issue before. Please help.



  • 2.  Re: Unable to login to CA Identity minder console

    Posted 02-05-2015 02:13 AM

    Yes, we have faced this issue few weeks back.

    Could you please confirm if u have integrated idm with siteminder ?



  • 3.  Re: Unable to login to CA Identity minder console

    Posted 02-18-2015 06:44 AM

    Hi k.nazeem

     

    We are also facing similar issue. We have integrated IDM with siteminder/SPS.

     

    12:02:14,885 WARN  [ims.ui] (http-/0.0.0.0:8080-1) Could not find attribute : %FULL_NAME% taskName : null ex : null

    12:02:14,885 WARN  [ims.ui] (http-/0.0.0.0:8080-1) Could not find attribute : %USER_ID% taskName : null ex : null

    12:07:29,950 ERROR [ims.llsdk.role.azengine] (http-/0.0.0.0:8080-6) Unable to locate administrator user in the corporate directory

     

    Please help if anybody knows its fix.

     

    Thanks,

    Satish



  • 4.  Re: Unable to login to CA Identity minder console

    Posted 05-07-2015 01:15 PM

    Hi Satish,

     

    We are in the process of Integrating our CA IDM 12.6 SP3 with Siteminder. I looked at the doc and was not that helpful. Can you please share your steps that you followed so that we can try to follow your guidelines. Request your help on this.


    Best Regards,
    Gurudutt



  • 5.  Re: Unable to login to CA Identity minder console

    Posted 05-08-2015 02:35 AM


  • 6.  Re: Unable to login to CA Identity minder console

    Posted 05-08-2015 02:36 AM

    Make sure that this parameter is set in server.conf

     

    enableredirectrewrite="yes"



  • 7.  Re: Unable to login to CA Identity minder console

    Posted 02-18-2015 08:55 AM

    Subinp,

     

    Are you attempting to access the IDM application through the configured SiteMinder reverse proxy?

    Have you made sure to disable the native IdentityMinder Framework Authentication?

     

    On the SiteMinder WAMUI are you able to view the directory content that was imported when you did the IDM/SM integration and verify the user you are attempting to log in with. I am a little confused when you say you are trying to hit the IDM login page. When you integrate SM / IDM you disable the native IDM authentication framework which then does not show this page to the end user. The IDM application will be protected and fully reliant on SiteMinder as the authentication source where you can set SiteMinder authentication schemes that are able to protect your IdentityMinder resources.

    In my opinion you should be hitting a SiteMinder forms html authentication page (for example) where you will authenticate before the user context is passed to the IDM application with the appropriate roles etc.

     

    Can you elaborate a little more on the flow the user is taking before being presented with the screen and error log you provided.

     

    Thanks,

     

    Adam



  • 8.  Re: Unable to login to CA Identity minder console

    Posted 08-26-2015 06:56 AM

    The Problem is with webagent configuration. Due to webagent has not configured properly/errors in webagent configuration, it's not asking for authentication details rather it's directly launching a blank screen upon accessing the IM url.

    Try to configure the Webagent by launching "WebAgent configuration wizard" from "Start menu-> CA-> Siteminder Web Agent". After configuring the Webagent, i could able to login to IM via SPS successfully.