Release Notes › Policy Server Release Notes › Defects Fixed in SiteMinder Releases › Defects Fixed in r12.0 SP1 and r12.0 SP2 › Certificate-Only Authentication Schemes Fail with Custom Certificate Mapping (75552, 80266)

Certificate-Only Authentication Schemes Fail with Custom Certificate Mapping (75552, 80266)

Symptom:

When you create a custom certificate mapping for an LDAP user directory, the resulting search query string includes the LDAP User DN Lookup Start and End strings in addition to the Mapping Expression that you specify on the Create Certificate Mapping pane. The resulting query is invalid and the search fails.

Solution:

You can exclude the DN Lookup Start and End strings from the search query string by setting the

\Netegrity\SiteMinder\CurrentVersion\PolicyServer\EnableCustomExprOnly

registry key as follows:

• value = 1

  Excludes the DN Lookup Start and End strings from the search query string.

• value /= 1 (default)

  Includes the DN Lookup Start and End strings in the search query string.

STAR Issue: 17360040-01