policy agent for IIS 5.0
Hi,
I have an access manager 2004Q2. I want to control access over an IIS5.0 server. During the installation of the policy agent everyhting seems to go fine, but after a reboot, it looks like nothing happened.
On the access manager machine, I could not find a new IIS directory in /etc/opt/SUNWam/agents (eventhough a directory for the apache agent appears here).
And on the IIS machine, I have the config files and stuff in C:\sun\identity_server but nothing was created at the IIS root. I think an amagent dir should have been created here, just like for apache, no?
I even listened to network traffic with ethereal from the AM machine when installing the agent, and I couldn't see anything relevant.
And finally last thing that proves that the agent is not doing its job, access to IIS is not restricted.
Hope someone can give advices where to look...
[899 byte] By [
ben78a] at [2007-11-27 2:01:29]
# 5
Hi,
This is my amAgent.properties file in IIS5.0 agent configured to asp application
com.sun.am.policy.am.cookieName = iPlanetDirectoryPro
com.sun.am.policy.am.namingURL = http://test88.sunidm.com:80/amserver/namingservice
com.sun.am.policy.am.loginURL = http://test88.sunidm.com:80/amserver/UI/Login
com.sun.am.policy.am.library.loginURL =
com.sun.am.policy.am.logFile = D:/Sun/Identity_Server/Agents/2.0/debug/D__DDRIVE_HelpDesk/amAgent
com.sun.am.policy.am.serverLogFile = amAuthLog
com.sun.am.policy.am.logLevels = 4
com.sun.am.policy.agents.logAccessType = LOG_BOTH
com.sun.am.policy.am.username = test_agent
com.sun.am.policy.am.password = aHowuQuwohB404ivWY6HPQ==
com.sun.am.policy.am.sslCertDir = D:/Sun/Identity_Server/Agents/2.0/iis/cert
com.sun.am.policy.am.certDbPrefix =
com.sun.am.policy.am.trustServerCerts = true
com.sun.am.policy.am.notificationEnabled = true
com.sun.am.policy.agents.agenturiprefix = http://test05.sunidm.com:85/amagent
com.sun.am.policy.agents.locale = en_US
com.sun.am.policy.am.notificationURL = http://test05.sunidm.com:85/amagent/UpdateAgentCacheServlet?shortcircuit=false
com.sun.am.policy.am.urlComparison.caseIgnore = true
com.sun.am.policy.am.cacheEntryLifeTime=3
com.sun.am.policy.am.userIdParam=UserId
com.sun.am.policy.agents.accessDeniedURL =
com.sun.am.policy.agents.unauthenticatedUser=anonymous
com.sun.am.policy.agents.anonRemoteUserEnabled=True
com.sun.am.policy.agents.urlRedirectParam=goto
com.sun.am.policy.agents.instanceName = unused
com.sun.am.policy.agents.reverse_the_meaning_of_notenforcedList = false
com.sun.am.policy.agents.notenforced_client_IP_address_list =
com.sun.am.policy.agents.do_sso_only = true
com.sun.am.policy.am.headerAttributes=cn|common-name,ou|organizational-unit,o|o rganization,mail|email,employeenumber|employee-number,c|country
com.sun.am.policy.agents.is_postdatapreserve_enabled = false
com.sun.am.policy.agents.postcacheentrylifetime = 10
com.sun.am.policy.agents.cdsso-enabled=false
com.sun.am.policy.agents.cdsso-component.URL =
com.sun.am.policy.agents.version=2.0
com.sun.am.policy.agents.client_ip_validation_enable = false
com.sun.am.policy.am.ias_SLB_cookie_name = GX_jst
com.sun.am.policy.am.loadBalancer_enable = false
com.sun.am.policy.agents.fqdnDefault = test05.sunidm.com
com.sun.am.policy.agents.fqdnMap = test88.sunidm.com
This is error message in log file of agent amAuthlog
2007-05-08 16:57:57.726Error 2820:00C54F98 PolicyEngine: am_policy_evaluate: InternalException in Service::getPolicyResult with error message:No Action Decision found and code:19
2007-05-08 16:57:57.726 1282820:00C54F98 RemoteLog: User admin was allowed access to http://test05.sunidm.com:85/.
And iam not able to find the ames6.dll. can you pls give th e exact path where i can get that file and put it in the respective folder.
Pls help me urgent...
Thanks in Advance
Rgds
Sai Kumar T
Message was edited by:
sthalupuru
Message was edited by:
sthalupuru
