For some users , we are facing this interesting issue. Sometimes (not always, but few times in a day) user is unable to access the application and being shown the error as “User has been either locked out for successive incorrect password or it has been disabled”. However when we check the Account in AD, […]
Hi All, I am trying to implement federation between Siteminder(IDP) and Salesforce(SP). I have installed Web agent Option Pack and Federation Service on Tomcat. I have created the IDP and SP entities and Partnership in Admin UI. When I try to access the Salesforce url, it gets redirected to SSO login form but I […]
Hi Friends, I am looking for Good CA Siteminder Training center along with CA SM Certificate in Hyderabad. Kindly provide some information on this. Thank you very much in advances, Regards Rajkumar G Source: New feed {pubDate}
SSO is giving AuthReject and Account disabled message in smaccess.log, however in AD, user account is fine
No commentFor a user , we are facing this interesting issue. Sometimes (not always, but few times in a day) user is unable to access the application and being shown the error as “User has been either locked out for successive incorrect password or it has been disabled”. However when we check the Account in AD, […]
We are planning to protect 300+ realms with 60 groups on an average for each authorization policy. Just checking if there would be performance issue as 60 groups will be mapped to each realm and there will be 300+ such realms. Thanks Vijay Source: New feed {pubDate}
Hello For the IDP Initiated SSO , the SP is rejecting the assertion with AuthReason=50 . We see that there is no mismatch between the IDP and SP for the below parameters. Is there an alternate way of debugging why there is authreason=50 Policy Server – 12.52 SP2 Audience Issuer DN Serial […]
Hi Team, We are looking to keep the multiple audience values in same SAML AudienceRestriction tag. Currently we are getting like below. <ns2:Conditions NotBefore=”***” NotOnOrAfter=”***”> <ns2:AudienceRestriction> <ns2:Audience>abc</ns2:Audience> </ns2:AudienceRestriction> <ns2:AudienceRestriction> <ns2:Audience>abcd</ns2:Audience> </ns2:AudienceRestriction> </ns2:Conditions> But we want like below. <ns2:Conditions NotBefore=”***” NotOnOrAfter=”***”> <ns2:AudienceRestriction> <ns2:Audience>abc</ns2:Audience><ns2:Audience>abcd</ns2:Audience> </ns2:AudienceRestriction> </ns2:Conditions> Will it be possible ? if yes […]
Hello, CA Access gateway throwing below error while acting as oidc provider:– [32345/139998188513024][Sat Feb 02 2019 14:18:18][SecureRedirect.java][ERROR][sm-FedClient-02890] Transaction with ID: 21f533e7-90d27a10-e389d42a-c53513ca-c900544d-a08 failed. Reason: SERE_GET_EXCEPTION (, , )[32345/139998188513024][Sat Feb 02 2019 14:18:18][SecureRedirect.java][ERROR][sm-FedClient-01660] Exception caught in class com.netegrity.affiliateminder.webservices.SecureRedirect, method doGet, message com.netegrity.siteminder.agentcommon.utils.k: Failed to decrypt.. (, ) While looking for “SERE_GET_EXCEPTION” it states that […]
We have a requirement coming where the IDP want to send some additional application data in query parameter, they are not comfortable adding this in their SAML Assertion. I am trying to understand how can I process this query parameter in my partnership to pass it to the application. Please suggest if someone has achieved […]
HI All, Is there a way to disable message “[sm-HTTPAgent-00190] Unable to process SMSESSION cookie.” in webagent.log. This message is exhausting the disk space. We have already enabled AcceptTPCookie for the effected agents (As mentioned in article: Web agent unable to process SMSESSION – CA Knowledge ) Any help/guidance is appreciated! Best Regards, Murali Source: New […]