Issue:
We're trying to integrate Identity Manager 14.1 with CA SSO.
https://docops.ca.com/ca-identity-manager/14-1/EN/configuring/ca-single-sign-on-integration/integrate-ca-single-sign-on-with-ca-identity-manager/import-ca-identity-manager-schema-into-the-policy-store
We've extended the policy store DSA as explained in the documentation
with the etrust_ims8.dxc, and when I import the schema it fails with
this error:
tehrh976:UH00061:/products/siteminder/CA/xps/dd$ XPSDDInstall IdmSmObjects.xdd -vT
[XPSDDInstall - XPS Version 12.52.0101.640]
Log output: /products/siteminder/CA/log/XPSDDInstall.2018-04-28_205239.log
Initializing database, please wait...
(INFO) : [sm-xpsxps-00120] Initializing XPS Version 12.52.0101.640
(INFO) : [sm-xpsxps-01160] LDAP Provider Info String = CA Directory
(INFO) : [sm-xpsxps-01120] LDAP Provider Version: supportedLdapVersion = 3
(INFO) : [sm-xpsxps-01120] LDAP Provider Version: dxServerVersion = dxserver 12.0.18 (build 12074) Linux 64-Bit
(INFO) : [sm-xpsxps-01160] LDAP Provider Info String = CA Directory
(INFO) : [sm-xpsxps-00560] Database Transactions are 0.
(INFO) : [sm-xpsxps-00300] 1 Parameter(s) loaded from Policy Store, 1 total.
(INFO) : [sm-xpsxps-00330] Caching Policy Data...
(INFO) : [sm-xpsxps-00310] 4941 object(s) loaded from the Policy Store.
(INFO) : [sm-xpsxps-00430] Policy Store ID is "0000d1d5-3b70-18a4-bb70-914b0a81a07e".
(INFO) : [sm-xpsxps-06870] XPS Auditing is enabled.
(INFO) : [sm-xpsxps-03460] No validation warnings will be logged (controlled by CA.XPS::$LogValidationWarnings).
(INFO) : [sm-xpsxps-00150] XPS Initialized. (1344, 0, 0)
(INFO) : [sm-xpsxps-00150] XPS Initialized.
(INFO) : [sm-xobfed-02577] Successfully loaded smobjadapter.
(INFO) : [sm-xpsxps-03981] Loading file IdmSmObjects.xdd, please wait...
Saving data from IdmSmObjects.xdd, please wait...
(ERROR) : [sm-xpsxps-00540] Previous error occurred on object "CA.SM::IMSDirectory.SearchMaxRows"
(FATAL) : [sm-xpsxps-04140] Save failed.
(INFO) : [sm-xpsxps-00160] Shutting down XPS...
(INFO) : [sm-xpsxps-00160] Shutting down XPS...
(INFO) : [sm-xpsxps-00210] Releasing SiteMinder object store connection to XPS...
(INFO) : [sm-xpsxps-00180] Releasing XPS configuration cache...
(INFO) : [sm-xpsxps-00240] XPS Shutdown Complete.
We suppose it's needed before launching the IM installation of
Extensions for CA SSO.
How can we solve this ?
Cause:
The issue seems to be related to the object
"CA.SM::IMSDirectory.SearchMaxRows"
From the ldif we find this object :
dn: xpsXID=CA.SM::IMSDirectory.SearchMaxRows,ou=XPS,ou=PolicySvr4,ou=SiteMi
nder,ou=Netegrity,o=policystore,c=us
objectClass: xpsXIDKey
objectClass: top
xpsXID: CA.SM::IMSDirectory.SearchMaxRows
xpsIndexedObject: xpsNumber=0000004817,ou=XPS,ou=policysvr4,ou=siteminder,ou
=netegrity,o=policystore,c=us
creatorsName: cn=PolicyServerAdmin,o=policystore,c=us
You can take another backup of your store, and then delete the object,
and then try to run the import again:
XPSDDInstall IdmSmObjects.xdd -vT
Resolution:
To solve the issue, delete entries starting with "dn:xpsXID=CA.SM::IMSDirectory*" and run XPSDDInstall IdmSmObjects.xdd -vT following the instruction given in Identity Manager to integrate with Policy Server and Store.
KB : KB000099493