Steps to Re-register Admin UI

Document ID : KB000009742
Last Modified Date : 04/10/2018
Show Technical Document Details
Introduction:

This Knowledge base article goes through the Steps of Re-registering the SSO Administrative UI with the Policy server.

The Instructions are for Default JBOSS application server as well as for the deployment on Weblogic application server

Environment:
This applies to 12.x SSO product on all platforms
Instructions:

The below Instructions are for the Default JBOSS application server

 

Summary of Steps:

1.Shut down Administrative UI JBOSS application server

2.Delete the "data, log, tmp & work" folder under "<adminui dir>\server\default\" directory

3.XPSExplorer: remove the trusted host created by XPSRegClient

4.XPSSecurity: remove the WAM UI Admin Directory

5. Delete the SMWAMUI Administrator Account

6.Run XPSRegClient command on the Policy Server

        e.g. XPSRegClient siteminder:<password> -adminui-setup -vT

7.Start Administrative UI service/ Jboss application server

8.Access the Administrative UI webpage to complete the registration (e.g.:

http://<fqdn>:8080/iam/siteminder/adminui)

 

Detailed Steps Instructions:

** Shut down JBOSS

1.Navigate to <Siteminder_AdminUI_Home>/siteminder/adminui/bin

2.shutdown.bat (Windows) or shutdown.sh (UNIX)

 

** Delete the "data, log, tmp & work" folder under "<adminui dir>\server\default\" directory

** XPSExplorer -delete trustedhost

1.Open the command prompt / shell on the Policy Server

2.Change to the <PS Install Dir>/bin

3.Launch "XPSExplorer":

4.Run: xpsexplorer

5.Type 110 or 139  TrustedHost* ((or whatever number corresponds to

TrustedHost*), then hit ENTER

6.Type 's' for Search Objects , then hit ENTER

7.Locate the Trusted Host Object with the Desc: "XPSRegClient"

with the host name of the WAMUI possibly listed as an FQDN. It will look

something like this:

1.    3-CA.SM::TrustedHost@24-xpsagent-fwrk-1cc9-991a-062X4CC9A2EB

           (I) Name : "siteminder"

           (C) Desc : "Generated by XPSRegClient"

           (C) IpAddr : "0000:0000:0000:0000:0000:FFFF:"

           (C) RolloverEnabled : false

8.Confirm the Object ID for the Trusted Host Object with the name Desc

that corresponds to the WAMUI host

(The object id prefaces CA.SM::TrustedHost@24-xpsagent-fwrk~ .

In the example above, the object id is 3 )

9.Type the object id number which corresponds to the WAMUI Trusted host object, then hit ENTER

10.Type d to delete the selected object id, then hit ENTER.

11.Type 'q' to go back, and then 'q' again, and then 'q' again

(until you get the big list where it says 'MAIN MENU')

12.Choose 'q' again to exit XPSExplorer

 

** XPSSecurity -delete Admin Directory User

1. Run XPSSecurity and delete the below entry ('SiteMinder Administrative UI Directory User')

NOTE: XPSSecurity is found in the installation binaries along with smreg and is not copied to the \bin directory during installation.

MAIN MENU*******************************************************************

   A  - Administrators

   S  - Security Categories

   C  - Classes

   W  - Workspaces

   B  - Begin Transaction

   P  - Synchronize with Policy Server (if running)

   Q  - Quit

-------------------------------------------------------------------

Enter Option (A,S,C,W,B,P or Q): A

Look for SM_ADMIN-DIRECTORY

  7 - SiteMinder Administrative UI Directory User

 SM-ADMIN-DIRECTORY

 Used by the UI for authenticating administrators

2. Enter "D" for Delete

 ----------------------------- Metadata ----------------------------

   XID: CA.XPS::Administrator@000eface-b8a0-1345-b89c-9e4e0a82d04b(4103)

 In Cache? no

  (1)

      Created: 2014-04-09 21:16:44 GMT

 By: XPSDictionary::Import (via Internal)

 -------- Attributes from CA.XPS::Administrator (Base Class) -------

 01: Description                     "Used by the UI for authenticating administrators"

 02: Flags                           0(0x0):

 03: MethodsAllowed                  4(0x4): AdminUI

 04: Name                            "SiteMinder Administrative UI Directory User                                       "

 05: UserPath                        "SM-ADMIN-DIRECTORY"

 06: Workspaces

 -------------------------------------------------------------------

    B  - Blank out an Attribute

    G  - Generate GUID

    V  - Validate

    U  - Update

    D  - Delete

    R  - List Rights

    A  - List 6 Attributes

    Q  - Quit

 -------------------------------------------------------------------

 

Enter Option (# or BGVUDRAQ):  D

Note : From R12.52SP2 onwards, the folder structure for Administrative UI is changed as the embedded JBoss has now been upgraded from 5.0 to 8.2

So, instead of doing following above :

1.Delete the "data, log, tmp & work" folder under "<adminui dir>\server\default\" directory

You should : Delete the "data,log,tmp" folder under "<adminui dir>\standalone" directory.

 

** Delete the SMWAMUI Administrator Account

1. Open the command prompt / shell on the Policy Server 

2.  Navigate the file system  to the <PS Install Dir>/bin 

3.  Launch "XPSExplorer"

4.  Type ‘93’ for Administrators, then hit ENTER

           Example:  “ 93–     Admin*”

5.  Type  'S' for Search Objects, then hit ENTER 

          Example:  “ S – Search Objects”

6.  Locate the Admin object with the name "SMWAMUI:<WAMUI FQDN>".  It will look something like this:

         2-CA.SM::Admin@12-6d192e45-48e4-4870-be9d-a5v8r31t596u

         (I)  Name  :"SMWAMUI:myserver.host.com__0"

7.  Confirm the Object ID number for the Admin Object with the name "SMWAMUI:<FQDN>_n". 

NOTE: (The object id prefaces “CA.SM::Admin@<OID>”.  In the example above, the object id is “2”)

8. Type the object id number which corresponds to the name  "SMWAMUI:siteminder", (“2”), and  then hit ENTER

9. Type ‘D’ to delete the selected object id, and then hit ENTER.

10. Type 'Q' to go back,  and then 'Q' again,  and then 'Q' again (until you get the big list where it says 'MAIN MENU').

 

** Run XPSRegClient command on the Policy Server

        e.g. XPSRegClient siteminder:<password> -adminui-setup -vT

 

** Start Administrative UI service/ Jboss application server

 

** Access the Administrative UI webpage to complete the registration (e.g.:

http://<fqdn>:8080/iam/siteminder/adminui)

 

The below Instructions are for the Weblogic application server

 

1.    Shut down weblogic <weblogic_path_to_domain>\bin\stopWebLogic.sh

2.    Delete the "data" folder under "<weblogic_path_to_domain>" directory. The default location is,<welbogic install>\user_projects\domains\<user_domain>\

3.    Run XPSRegClient command on the Policy Server

                  e.g. XPSRegClient siteminder:<password> -adminui-setup -vT

4.    Start Policy Server

5.    Start weblogic

6.    Access the Administrative UI webpage to complete the registration (e.g.:

      http://<fqdn>:<port>/iam/siteminder/adminui

 

Additional Information:
This has been incorporated into the documentation. Please visit 
docops.ca.com for your version for updated information