Troubleshooting

This section contains the following topics:

Unable to Start Apache on UNIX systems

Non-english Input Characters Contain Junk Characters

Unable to Log Federation Web Services Errors

DNS is Cached for Every Request

Resource Request Fails

The Installation Program Displays Warnings

Cannot Start the CA SiteMinder® SPS Server

Cannot Access the CA SiteMinder® SPS with a Browser

Issues Configuring Virtual Hosts

Virtual Hosts Configuration Fails

CA SiteMinder® SPS Not Forwarding Requests

Error in Accessing a SharePoint Page

Unable to Start Apache on UNIX systems

Symptom:

When running the CA SiteMinder® SPS on a UNIX system, the Apache server fails to start. In the Apache log file, the following error message appears:

Invalid argument: setgid: unable to set group id to ...

Solution:

This error occurs when the group for the Run-As-User on UNIX systems does not correspond to the group specified in the Apache configuration file (httpd.conf). If you see this error, edit the Group directive in the Apache httpd.conf file.

To edit the Group directive

Remove the comment sign (#) before the Group directive
Specify the group to which the Run-As-User belongs.
Run the CA SiteMinder® SPS startup command again (sps-ctl start or startssl).

Non-english Input Characters Contain Junk Characters

Symptom:

When I install or configure SiteMinder components in the console mode on UNIX machines, few non-English input characters are not displayed correctly in the console window.

Solution:

Verify terminal settings of your console window and confirm that the console does not clear high (8th) bit of input characters by executing the following command:

stty -istrip

Unable to Log Federation Web Services Errors

Symptom:

The Federation Web Services errors are not logged.

Solution:

To log the errors in Federation Web Services, enable the AffWebServices and FWSTrace logs parameters in the LoggerConfig.properties file.

Follow these steps:

Open the LoggerConfig.properties file.
Default Path: sps_home/secure-proxy/Tomcat/webapps/affwebservices/WEB-INF/classes/LoggerConfig.properties
Configure the following parameters:
```
LoggingOn=Y
```
```
TracingOn=Y
```
Save the changes.

DNS is Cached for Every Request

Symptom:

I do not want CA SiteMinder® SPS to cache the DNS name look-up settings of the server.

Solution:

The CA SiteMinder® SPS is configured by default to cache the DNS settings of the server. To change this default behavior, adjust the networkaddress.ttl setting in the java.security file.

Follow these steps:

Navigate to the directory NETE_SPS_JAVA_HOME\jre\lib\security.
Open the java.security file.
Set the networkaddress.cache.ttl parameter to a positive integer. For example, networkaddress.cache.ttl=2

networkaddress.ttl

Specifies the duration, in seconds, for which the CA SiteMinder® SPS caches the successful DNS name look-ups. Enter a positive integer. If you enter a negative value, the CA SiteMinder® SPS caches the DNS settings.

Default: -1