Layer 7 Access Management

Tech Tip : CA Single Sign-On : Getting the error: "Failed to define the STS needed for WS-FED Active Profile" when initializing STS 

09-27-2017 10:05 AM

Issue:

When trying to configure STS in Access Gateway, I am getting the following errors:

 

[STSForOffice365.cpp:458][addResponseAttr][WARN][Assert] Assert failed: wssAttrType
[STSForOffice365.cpp:183][createOffice365STS][WARN][Assert] Assert failed: response
[STSForOffice365.cpp:822][redefineSts][ERROR][sm-xobfed-02776] Failed to define the STS needed for WS-FED Active Profile
[WSFEDIPToRPPartSvc.cpp:625][setRedefined][ERROR][sm-xobfed-01370] setRedefined failed!.
[PartnershipService.cpp:2091][PartnershipService][ERROR][sm-xobfed-02330] PartnershipService failed. Operation: 2

 

Before initializing, I have configured the Entities (Local WSFED IP and Remote RP), the partnership, and added the Security Token Service using the STS Name and STS Context from the partnership.

Cause:

These errors occur when the process is trying to generate related objects, and finds that the policy store is missing some required objects to create them.

Resolution:

In order to solve the issue, please, follow the steps below:

 

1) Stop the Policy Server.
2) Run the following commands:
 XPSDDInstall SmMaster.xdd  (run it from PS /xps/dd folder)
 XPSImport smpolicy.xml -npass   (run it from PS /db folder)

3) Run XPSSweeper tool: 

   XPSSweeper -vT 

    and insure no error are reported

4) Start the Policy Server.

5) Once started, repeat the process to initialize STS.

 

KD : TEC1913177

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.