Release NotesPolicy Server Release NotesKnown IssuesKnown Issues in r12.0 SP2 › Searching CertSerialNumbers in a Custom Certificate Mapping Fails (59352)

Previous Topic: IPv6 ODBC Data Sources

Next Topic: Users are Incorrectly Redirected after Receiving a New SecureID PIN (56738)
Searching CertSerialNumbers in a Custom Certificate Mapping Fails (59352)

Symptom:

(LDAP) The default Policy Server behavior is to treat a CertSerialNumber as a broken string of numbers. This behavior causes a custom certificate mapping to fail if the user directory stores the CertSerialNumber as an unbroken string of numbers. The Policy Server fails to lookup the user because the default LDAP search contains spaces.

Solution:

Enable the NoSpacesinCertNumbers registry setting. Enabling the registry setting causes the Policy Server to treat certificate serial numbers as an unbroken string of numbers for all serial number comparisons.

Location: HKEY_LOCAL_MACHINE/SOFTWARE/Netegrity/Siteminder/CurrentVersion/PolicyServer/NoSpacesInCertSerialNumbers

Values: 0 (disabled) 1 (enabled)

Default Value: 0

Copyright © 2010 CA. All rights reserved. Email CA about this topic