Layer 7 Access Management

Tech Tip : CA Single Sign-On : Getting the error: "Failed to define the STS needed for WS-FED Active Profile" when initializing STS 

09-27-2017 10:05 AM


When trying to configure STS in Access Gateway, I am getting the following errors:


[STSForOffice365.cpp:458][addResponseAttr][WARN][Assert] Assert failed: wssAttrType
[STSForOffice365.cpp:183][createOffice365STS][WARN][Assert] Assert failed: response
[STSForOffice365.cpp:822][redefineSts][ERROR][sm-xobfed-02776] Failed to define the STS needed for WS-FED Active Profile
[WSFEDIPToRPPartSvc.cpp:625][setRedefined][ERROR][sm-xobfed-01370] setRedefined failed!.
[PartnershipService.cpp:2091][PartnershipService][ERROR][sm-xobfed-02330] PartnershipService failed. Operation: 2


Before initializing, I have configured the Entities (Local WSFED IP and Remote RP), the partnership, and added the Security Token Service using the STS Name and STS Context from the partnership.


These errors occur when the process is trying to generate related objects, and finds that the policy store is missing some required objects to create them.


In order to solve the issue, please, follow the steps below:


1) Stop the Policy Server.
2) Run the following commands:
 XPSDDInstall SmMaster.xdd  (run it from PS /xps/dd folder)
 XPSImport smpolicy.xml -npass   (run it from PS /db folder)

3) Run XPSSweeper tool: 

   XPSSweeper -vT 

    and insure no error are reported

4) Start the Policy Server.

5) Once started, repeat the process to initialize STS.


KD : TEC1913177

0 Favorited
0 Files

Tags and Keywords

Related Entries and Links

No Related Resource entered.