Symantec Access Management

 View Only
  • 1.  CA SiteMinder - Policy Server not functioning

    Posted Aug 23, 2019 01:40 AM
    Hi,

    We have 2 Siteminder policy servers load-balanced.

    Out of those 2, only one Siteminder policy is fully functioned and serving the requests from the web agents.

    In the other SiteMinder policy server, I could only see the following log entries always. Even, I had tried the policy server restart as well.

    [08/23/2019][15:18:50][3887377264][][CCrypto.cpp:977][CCrypto::SeedRandom][][][][][][][][][][][][Initiating generation of OS Random data.]
    [08/23/2019][15:18:50][3887377264][][CCrypto.cpp:986][CCrypto::SeedRandom][][][][][][][][][][][][Completing generation of OS Random data.]
    [08/23/2019][15:19:50][3887377264][][CCrypto.cpp:977][CCrypto::SeedRandom][][][][][][][][][][][][Initiating generation of OS Random data.]
    [08/23/2019][15:19:50][3887377264][][CCrypto.cpp:986][CCrypto::SeedRandom][][][][][][][][][][][][Completing generation of OS Random data.]

    I have checked the "entropy" value as well. It is always above 3000.

    watch -n 1 cat /proc/sys/kernel/random/entropy_avail

    Thanks,
    Mahendran


  • 2.  RE: CA SiteMinder - Policy Server not functioning
    Best Answer

    Posted Aug 23, 2019 05:10 AM
    Hi Mahendran
    how is the Host Configuration Object used by the agents? Have you configured a "cluster" of policy servers, as detailed here?

    Alternatively, what if you turn off the 1st policy? Does the agent switch to the second policy server?

    Hope this helps
    Best regards
    Enrico B.


  • 3.  RE: CA SiteMinder - Policy Server not functioning

    Posted Aug 24, 2019 10:20 AM
    Hi Enrico,

    Those 2 SiteMinder policy servers are in the cluster mode and actually, they both were working fine earlier.

    When I stopped the first one, automatically the 2nd one (server showing "generation of OS Random data") accepts the requests from the web agent.

    When I stopped the 2nd one or both are running, the web agent process (LLAWP) often got shut down automatically but IIS server is running.

    [08/25/2019][00:03:20][4128][6912][SmIIS70Module.cpp:553][CSmIIS70Module::Shutdown][][][][][][][IIS 7.0 Native Module shutting down.]
    [08/25/2019][00:03:20][4128][6912][CSmHighLevelAgent.cpp:204][Shutdown][][][][][][][High Level Agent shutting down.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Resource Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Session Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Response Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Session Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmProtectionManager.cpp:125][CSmProtectionManager::Shutdown][][][][][][][ProtectionManager shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Credential Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Challenge Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Response Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Session Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmAuthenticationManager.cpp:124][CSmAuthenticationManager::Shutdown][][][][][][][AuthenticationManager shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Response Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmManager.cpp:82][Variable Manager][][][][][][][Shutdown.]
    [08/25/2019][00:03:20][4128][6912][CSmAuthorizationManager.cpp:124][CSmAuthorizationManager::Shutdown][][][][][][][AuthorizationManager shutdown.]
    [08/25/2019][00:03:20][6548][6500][LLAWPMsgBus.cpp:221][ProcessMessage][][][][][][][Close message received from client '4128.6912']
    [08/25/2019][00:03:20][4128][6912][SmAgentAPI.cpp:1679][][][][][][][][LogMessage:INFO:[sm-AgentFunc-00040] sm-AgentFunc-00040]
    [08/25/2019][00:03:20][4128][6912][CSmAgentApiBase.cpp:612][CSmAgentApiBase::Shutdown][][][][][][][AgentApiBase Shutdown.]
    [08/25/2019][00:03:41][6548][2248][LLAWorkerProcess.cpp:1605][main][][][][][][][Stop signaled.]
    [08/25/2019][00:03:41][6548][2248][LLAWorkerProcess.cpp:1915][main][][][][][][][LLAWP Stopping.]
    [08/25/2019][00:03:41][6548][2248][LLAWorkerProcess.cpp:1920][][][][][][][][LogMessage:INFO:[sm-AgentFramework-00690] sm-AgentFramework-00690]
    [08/25/2019][00:03:41][6548][2248][SmAgentAPI.cpp:1679][][][][][][][][LogMessage:INFO:[sm-AgentFunc-00040] sm-AgentFunc-00040]
    [08/25/2019][00:03:41][6548][6500][LLAWPMsgBus.cpp:504][MsgBusWorkerFunc][][][][][][][Stop signaled.]
    [08/25/2019][00:03:41][6548][6500][LLAWPMsgBus.cpp:510][MsgBusWorkerFunc][][][][][][][Message bus shutdown.]
    [08/25/2019][00:03:41][6548][6500][LLAWPMsgBus.cpp:512][][][][][][][][LogMessage:INFO:[sm-AgentFramework-00670] sm-AgentFramework-00670]
    [08/25/2019][00:03:41][6548][6748][LLAWPLogQ.cpp:716][LogWorkerFunc][][][][][][][Stop signaled.]
    [08/25/2019][00:03:41][6548][6748][LLAWPLogQ.cpp:718][LogWorkerFunc][][][][][][][Tracing shutdown.]
    [08/25/2019][00:03:41][6548][6748][LLAWPLogQ.cpp:720][][][][][][][][LogMessage:INFO:[sm-AgentFramework-00640] sm-AgentFramework-00640]
    [08/25/2019][00:03:41][6548][6748][LLAWPLogQ.cpp:724][][][][][][][][LogMessage:INFO:[sm-AgentFramework-00600] sm-AgentFramework-00600]


    When I access the URL from the browser, I get the following error in the IIS error log:

    ModuleName: CASiteMinderWebagentModule-32
    Notification: AUTHENTICATE_REQUEST
    HttpStatus: 500
    HttpReason: HTTP/1.1 500 Internal Server Error
    HttpSubStatus: 0
    ErrorCode: The operation completed successfully. (0x0)

    Thanks,
    Mahendran


  • 4.  RE: CA SiteMinder - Policy Server not functioning

    Posted Aug 25, 2019 04:06 AM
    IIS worker process (w3wp.exe) is running. But, LLAWP process is not running.