Symantec Access Management

 View Only

Validate web agent shared secret

  • 1.  Validate web agent shared secret

    Broadcom Employee
    Posted Dec 14, 2018 04:44 PM

    I'm supporting an r12.52 sp01 cr05 policy server environment where we're getting this error message from a web agent:


    Could not establish an Agent connection to the Policy Server.  Maybe the policy server is unreachable or a bad SmHostFile has been specified.


    Connectivity issues have been ruled out by virtue of successful telnet tests from the web agent server to all policy servers on all ports.  The SmHost file seems correctly configured.  Before blindly re-registering the trusted, I'd like to confirm the shared secret in SmHost.conf aligns with the shared secret in the policy store.  My attempts to complete that comparison using a known working trusted host have not been successful.  My approach has been to compare the string in SmHost.conf to the value I get by using XPSExplorer to identify the OID of the trusted host, then get the shared secret from the policy store by using XPSExport to create an XML file of that object.


    Is it possible to validate the shared secret in an SmHost.conf file and, if so, how?


    Any other suggestions?