Symantec Access Management

 View Only

Tech Tip : CA Single Sign-On : Impossible login on AdminUI

  • 1.  Tech Tip : CA Single Sign-On : Impossible login on AdminUI

    Broadcom Employee
    Posted May 20, 2019 05:25 AM


    We're running an AdminUI and after having changed the external
    Administrator password, we can't login anymore in the AdminUI.


    How can we solve this ?




    AdminUI 12.8
    Policy Server 12.8



    You can modify the connection password for the External Admin Store as
    provided by our documentation :


    Update External Administrator Store Credentials


    If the Administrative UI credentials for the external administrator
    store change, submit the new credentials to the Administrative
    UI. Otherwise the administrators lose access.


    If you installed the Administrative UI using the stand-alone option,
    that is, with the embedded JBoss server, the following utilities are


    LDAP: The smjndisetup utility to update the directory server user
    account credentials.


    To update the directory server host system name or port information,
    use the Administrative UI to recreate the connection to the external
    administrator store. The smjndisetup utility cannot update host or
    port information.


    Update Directory Server Credentials


    Update directory manager credentials with the smjndisetup utility.


    Note: The smjndisetup utility can only update connection details
    that were configured using the Administrative UI. You cannot use the
    smjndisetup utility to create the connection credentials. Follow
    these steps:


    Log in to the Administrative UI host system.


    Navigate to administrative_ui_home\CA\siteminder\adminui\bin.
    administrative_ui_home specifies the Administrative UI installation


    Run the following command:

    smjndisetup.bat --reset-password


    Do one of the following tasks:

    Type the new directory user and press Enter.
    Press Enter to accept the default user name.
    Type the new password and press Enter.
    Type y and press Enter.


    The utility restarts the Administrative UI service. The utility also
    updates the new directory connection details.



    Make sure you have applied the modification requested on this KD :


    javax.naming.NamingException: LDAP response read timed out error in adminui server.log



    KB : KB000132390