Layer7 Access Management

Expand all | Collapse all

Encrypt AgentName causing issues

Jump to Best Answer
  • 1.  Encrypt AgentName causing issues

    Posted 08-23-2016 07:43 PM

    Encrypt AgentName causing issues among agents.

     

    I have upgraded my policy server from R12Cr1 to R12CR5 , at the same time seperated my key store from my policy store.

    Since then, none of my agents were able to communicate with my IWA server agent. I had to modify all webagent ACO to add 'EncryptAgentName=No' so they can communicate to my IWA agent, which can in turn process login requests.

     

    My IWA agent version is:

    Product Name=CA SiteMinder Web Agent

    FullVersion=12.51.1.972

    Version=12.51

     

    Please note that this agent has worked fine on my old R1252CR1 (key store embedded into policy store) before today.

     

    Appreciate any thoughts as to why this was causing me an issue.



  • 2.  Re: Encrypt AgentName causing issues

    Posted 08-23-2016 07:50 PM

    Hi Anil, what do you see in the policy server trace logs and web agent trace logs durign the handshake ?



  • 3.  Re: Encrypt AgentName causing issues

    Posted 08-23-2016 08:04 PM

    Oh man, This is so very embarassing. Earlier, in IIS IWA log, I saw errors saying:

    'Communication failure between policy server and webagent. '

     

    Then I set EncryptAgentName=No and everything started to work fine. I had to do this to my agents on Unix and AIX.

    When I set the EncryptAgentName=Yes to collect logs, I can no longer reproduce the issue. This is second issue I faced today, started working fine by itself.I will test this again later and keep you posted. Srry for the trouble.



  • 4.  Re: Encrypt AgentName causing issues

    Posted 08-23-2016 08:30 PM

    By any chance were you using any bookmarked url ?



  • 5.  Re: Encrypt AgentName causing issues

    Posted 08-23-2016 09:47 PM

    I am absolutely positive there are no book marks ..

     

    Sent from my iPhone



  • 6.  Re: Encrypt AgentName causing issues
    Best Answer

    Posted 08-23-2016 11:39 PM

    Keep the EncryptAgentName value to YES and try to set the EnableKeyUpdate registry key to 1 on policy server.

    Path - Netegrity->SiteMinder ->ObjectStore

     

    Capture the logs and let me know what you see.