Advanced Password Services (APS) Guide › Advanced Password Services Troubleshooting

Advanced Password Services Troubleshooting

Many things can happen when APS is not properly configured. A few of the more common issues are described below.

In all cases, the first thing that should be examined is SiteMinder’s Authentication Service Console Log on the Policy Server. APS records all significant activity into this log. If something is happening that you suspect should not be happening, always check this log first.

Always make sure that you have applied all of the latest patches/service packs to your APS installation. Often, a given problem has already been found at another site and fixed in a patch. Patches are available for download from the Netegrity support site.

If you still cannot resolve the issue, open a case using Netegrity’s support Web Site. In order to optimize response time from Netegrity, be sure to do the following:

1. Make sure that the case clearly identifies the issue as an APS issue (both in the text and as the product/component).
2. Make sure to identify the correct versions of APS, SiteMinder and your Operating System platform(s).
3. Attach your entire APS.cfg and SmPortal.cfg files to the case.
4. Attach a complete copy of the SiteMinder Authentication Service Console Log to the case. Please do not just cut/paste important lines, sometimes the issue requires that we see the entire authentication process.

   A site can request that additional information (traces) be written to this log. To do so, set the "Trace" keyword in the APS Configuration File. To turn off this tracing, delete the "Trace" keyword.

   In APS Version 4.0, all of the entries placed into the Authentication Log were reviewed and their format standardized. Each specifically identifies its source as APS. Please note that it would be impossible to document the information logged, since it changes from release to release.

5. Be sure to properly prioritize your case. The rules of thumb are:
   1. Priority ONE is reserved for PRODUCTION SERVER OUTAGES ONLY and require immediate attention.
   2. Priority TWO is for serious outages that will impact rollouts, are holding up development or testing efforts, or are considerable inconveniences in production (such as requiring frequent server restarts, etc).
   3. Priority THREE is for all other issues.
   4. Capabilities questions (such as "Can APS do this…?") should be directed to your sales engineer or sales representative, rather than logged to our support site.

   Unfortunately, a few customers have been known to overstate the priority of their cases intentionally, in an effort to get more immediate response.

   Rather than being productive, this has two adverse effects:

   • It will cause the resolution of other customers’ issues to be delayed as we deal with the higher priority case. Please be consciencious to other customers.
   • Support becomes aware, over time, of customers that overstate priorities. After awhile, such priorities may not be taken as seriously as they should be, since Support may not be able to differentiate

This section contains the following topics:

Connectivity Problems