We have an application that interacts with the Siteminder. When the policy server was configured to pass the AD objectGUID back to our application – an IIS 500 web-page error sometimes occurs if certain (illegal/invalid) characters within the value are sent in the header to the receiving web page. We tried different encoding/decoding options and settings and haven't found the combination to get the raw data through. We are using a 2012 OS for the web agent and application and the policy server is 2008R2.
There is another application we know of that is much older on a Windows 2003 OS that can have the AD objectGUID enabled in the header information and display in a simple response.write page and it works just fine.
Has anyone else encountered this and can help? We tried some IIS settings, config settings for Siteminder etc. but haven't found the combination to make this work.
We had a ticket in with CA and this was their response:
I was able to reproduce this issue in
my lab and was able to see objectGUID as junk values in the siteminder logs.
After doing some research I learned
that Siteminder does not support OctectString values.
However we know that it does work with an older .Net application, OS & Siteminder version. So has it permanently changed that it no longer works but used to?