After importing an smdif file, these errors might be found in the SiteMinder and directory logs.
Smps log :
[CA.XPS:LDAP0014][ERROR] Error occurred during "Search" for "Tombstones", text: Operations error
[CA.XPS:XPSIO040][ERROR] Delete of Tombstones failed.
Corresponding LDAP error log:
[01/Apr/2011:12:45:24 +1100] - ERROR<21006> - conn=-1 op=-1 msgId=-1 - could not open index xpsTombstone for range query
[01/Apr/2011:12:45:24 +1100] - ERROR<20775> - Backend Database - conn=4 op=1075 msgId=1076 - database error 2
SiteMinder Policy Server: R12 SP3
Policy store: Oracle Directory Server Enterprise Edition (formerly Sun Directory Server Enterprise Edition) 6.3.1
Policy server OS: Windows Server 2003 SP2
This error occurs because the index for xpsTombstone field in LDAP directory is not created. To fix it, you need to regenerate the index.
- Log onto Java System Directory Service Control Center and select Directory Servers tab
- Select the directory that is the policy store
- Select Suffixes tab
- Tick the suffix that starts with ou=Netegrity, and select Regeneration Indexes from the drop-down list
- An Index Regeneration window will open. Click on Add All button to select all attributes to be re-indexed. You may choose xpsTombstone only, but the options used in this case ,were to re-build all indexes.
- Click OK
- The indexing will start running.
- And finish
- Restart the policy server and verify the error no longer happens.