Symantec Access Management

 View Only
  • 1.  Static Agent Key deletion from policy store

    Posted Dec 12, 2019 01:24 AM
    Hi All,

    We are using static agent keys in our environment and we have 12 agent keys currently and have overwritten 4 agent keys from admin UI.

    Now we want to remove the extra 8 keys which are remaining after updating the 4 agent keys. as per the article suggested from CA, we could see below command taken from KB article Loading...
    Wolkenservicedesk remove preview
    Loading...
    View this on Wolkenservicedesk >
     

    # ldapmodify -D "cn=directory manager" -w dirmanagerpassword -h localhost
    dn: smAgentKeyOID4=1b-4a79595f-9a40-1000-a34a-830cefdf0cb3, ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,o=ghost
    changetype: delete

    can you please help with the command for removal of agent keys ?

    Policy server - 12.8 (Running on Red hat 7.6)
    Policy Store - cadir140 (Runing Red hat 7.6) 

    Let me know if you have any other queries.

    Thanks,


  • 2.  RE: Static Agent Key deletion from policy store
    Best Answer

    Posted Dec 16, 2019 11:51 PM
    My thoughts.

    1. You can find the list of the static keys in your environment by running smkeyexport command
    2. All the keys gets exported to a file by running the smkeyexport command, you need to review the keys thoroughly and identify the DNs of the keys you want to delete
    3. Run the LDAP command (if you are using LDAP for policy store / key store) then you can run delete commands to delete those DNs.