Unable to activate multiple Office365 partnerships with the same remote entity

Document ID : KB000005962
Last Modified Date : 14/02/2018
Issue:

The customer is using Partnership Federation for Office365 integration.
One partnership has already been created between a local entity (without a Disambiguation ID) and a remote entity. This partnership is active and working without any issues.
They now want to create one more partnership with the same remote entity and the same local entity ID, this time with a Disambiguation ID.
They created a second local entity with the same entity ID, a different entity name and a Disambiguation ID, and used the same remote entity. When they try to activate the second partnership, the errors below are logged and the status does not change to Active; it remains Defined.

Both the partnerships are STS enabled.


[01/12/2017][06:51:13.284][06:51:13][5952][4320][CServer.cpp:6247][CServer::Tunnel][][][][][][][][][][][][][][][][][][][][][Start of tunnel call XPSSvc_Services][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][WSFEDIPToRPPartSvc.cpp:1414][WSFEDIPToRPPartSvc::canBeActivated][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR: Existing SAML Affiliate is already active; Name: office365 (
CA.SM::WSFEDSP@21-9a7f885e-a36a-4421-9ad2-124be129d9e8)][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][WSFEDIPToRPPartSvc.cpp:1465][WSFEDIPToRPPartSvc::setActivated][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR: setActivated failed.][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][CServer.cpp:6349][CServer::Tunnel][][][][][][][][][][][][][287][][][][][][][][Return from tunnel call XPSSvc_Services][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
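
To find this failure in a larger Policy Server trace file, the following added example (not CA code) pairs each canBeActivated error with the setActivated failure that follows it on the same thread and reports which active partnership blocked the activation. It assumes the bracketed field layout seen in the excerpt above, treats the fourth and fifth fields as process and thread IDs, and runs on a constructed sample with a placeholder object ID.

```python
import re

# Constructed sample modelled on the trace excerpt above (most empty [] fields
# trimmed, placeholder GUID). The second record wraps across two lines.
SAMPLE = """\
[01/12/2017][06:51:13.284][06:51:13][5952][4320][CServer.cpp:6247][CServer::Tunnel][][][Start of tunnel call XPSSvc_Services][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][WSFEDIPToRPPartSvc.cpp:1414][WSFEDIPToRPPartSvc::canBeActivated][][][LogMessage:ERROR: Existing SAML Affiliate is already active; Name: office365 (
CA.SM::WSFEDSP@21-00000000-0000-0000-0000-000000000000)][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][WSFEDIPToRPPartSvc.cpp:1465][WSFEDIPToRPPartSvc::setActivated][][][LogMessage:ERROR: setActivated failed.][][]
[01/12/2017][06:51:13.284][06:51:13][5952][4320][CServer.cpp:6349][CServer::Tunnel][][287][Return from tunnel call XPSSvc_Services][][]
"""

# Assumption: every record starts with a [dd/mm/yyyy] field; other lines are wrapped text.
RECORD_START = re.compile(r"^\[\d{2}/\d{2}/\d{4}\]\[")
BLOCKER = re.compile(r"ERROR: Existing SAML Affiliate is already active; Name: (.+?) \((\S+?)\)")

def records(text):
    """Yield one string per trace record, re-joining records wrapped over lines."""
    current = None
    for line in text.splitlines():
        if RECORD_START.match(line):
            if current is not None:
                yield current
            current = line
        elif current is not None and line.strip():
            current += line.strip()
    if current is not None:
        yield current

def find_blocked_activations(text):
    """Pair a canBeActivated error with the next setActivated failure on the same thread."""
    pending, findings = {}, []
    for rec in records(text):
        fields = re.findall(r"\[([^\[\]]*)\]", rec)
        if len(fields) < 7:
            continue
        date, time, thread, func = fields[0], fields[1], (fields[3], fields[4]), fields[6]
        m = BLOCKER.search(rec)
        if func.endswith("::canBeActivated") and m:
            pending[thread] = {"date": date, "time": time, "active_affiliate": m.group(1), "object_id": m.group(2)}
        elif func.endswith("::setActivated") and "setActivated failed" in rec and thread in pending:
            findings.append(pending.pop(thread))
    return findings

if __name__ == "__main__":
    for finding in find_blocked_activations(SAMPLE):
        print(finding)
```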

Environment:
Policy Server and Admin UI 12.52.100.499
Cause:

The Disambiguation ID is not taken into account when activating the WSFED IP-RP partnership.

This is a product defect identified in r12.52 SP1.

Resolution:

Activating the partnerships in the following order works as expected: first the IP-RP partnership in which the IP entity has a Disambiguation ID, then the other partnership.

Please follow the steps below:

1) Create a local entity (IP1) without a Disambiguation ID.

2) Create one more local entity (IP2) with the same entity ID, a different entity name and a Disambiguation ID.

3) Create the remote entity (RP).

4) Create an IP-->RP partnership with the IP1 local entity and the RP remote entity. Do not activate it.

5) Create an IP-->RP partnership with the IP2 local entity and the RP remote entity. Activate it. It gets activated.

6) Activate the partnership created in step 4. It gets activated.

 

The fix will be available in r12.52 SP1 CR08.