What happened in the CA Security Community? Here's a quick recap...
Join us tomorrow for Office Hours for CA Advanced Authentication: A Live Online Chat
CA Support Mobile App for Case Management
Announcement End of “Full” Support for ObserveIT v5.6.9
View Submitted Task database queries
CA SSO Authentication on CA Identity Governance 12.6.4 using JBoss 6.x
Office Hours for CA Privileged Access Management: A Live Online Chat [Mar. 9th ]
CA SSO and JSON messages
The specified item was not found.
Which password policy gets triggered if we have a subset of user in a user Directory part of two password policy.
Unable to load SiteMinder agent configuration object.
Performance issue when we do stress Load ,Need Help to solve this issue.
How UNAB authentication works for external applications?
IdMgr process engine misses work in Task Persistence DB
Approval e Rejection notification
Password expiration policy
is there a way to customize basic authetication to give 401 error after single authetication failure
questions related to impersonation
Updating SAML IDP Certificate for 50+ partnerships
Federation SP Cert Renewal on IDP
Support SMSESSION cookies passed on URL line
Ability to send email when endpoint account task completes
Automated check-in for expired exclusive check-outs after the user was deleted
Identity Manager enhancement request - DatePicker non editable field
UNAB cluster aware registration needed
CA Directory Enhancement - Health check and alert
CA Identity Manager Connector support for PeopleSoft Financials version 9.1
Add feature to disable certificate authentication
Configuring an ALL-IN-ONE VM Image - Part 8
Tech Specs: New Features Coming with the 2016.1 Upgrade Tech Specs: New Features Coming with the 2016.1 Upgrade
Chat Transcript: Office Hours for CA Single Sign-On [Feb 18th]
CA Privileged Identity Manager Critial Alert
Office Hours for CA Advanced Authentication: A Live Online Chat [Mar. 1st]
SharePoint Integration with CA SSO(SiteMinder 12.52) for users accessing from external network without VPN
DSA_I3420 The DXgrid .db file failed to load as it contains the object identifier '(1.3.6.x.x.x)' which is not defined in the directory schema.
SiteMinder (SSO) Log Analysis / Analytics tool
SiteMinder WebAgents - Supports 4.x agents
CA Siteminder : Does changing HCO value needs restart of service?
PAM 2.5.x - LDAP import getting 9009 error
Setup OpenID Authentication Scheme (Google)
Authentication Protocol Service Management app mobile
SiteMinder 12.52 WAM GUI - https setup
Way to calculate time taken for the data replication
Data Protection: bulk audit enhancement - add comments and ability to use new issue option
Product Enhance Request
Need WSo2 App Manager Federation listed under RunBook
Option to change CAPKI for CA Directory Server
CA Directory installation with Unix Network Users
Enable/Disable on Profile Tabs
aas install fails with readonly home directory
Having consistent service scripts names across Secure Cloud Components
Latest Knowledge Base Articles for Single Sign-On (Formerly CA SiteMinder) [2/15/2016]
Meet CA Support Engineer for Payment Security: Hoshiyar Singh Digari
Snapshot Tasks for IM 12.6 OOTB Reports (Excluding Audit reports)
Walk through of setting up Apache httpd on Redhat Enterprise Linux 6 for use as a reverse proxy/load balancer for a PIM 12.9/12.9SP1 ENTM and load balancing ENTM
CA Remote Engineer Webcast [SLIDES]
Office Hours for CA Privileged Access Management: A Live Online Chat [Mar. 9th ]
Help for Policy Manager policy to be defined for POC
Configuring SiteMinder, Apache, VirtualHosts and multiple Policy Servers
OpenID Authentication Scheme - Google & Yahoo Provider - CA Single Sign-On (formerly CA Siteminder)
PS: Storing a password
CA Identityminder - Emails are getting triggered continuously
Convert responses to upper case out of box
Where are Snapshots in the SQL DB tables
Garbage Data in IDM Reports
CA SSO – Enforce Realm Timeout Question
Syncing attributes from ldap corp store to AD
Provide the ability to generate a PDF Report form the Verify GUI
Support for websocket on RHEL7/Redhat Apache 2.4 platform
User Count and User Type Report
Wild Card Search filter not working on DN Complex Type
Updated Audit Status on search panel without refresh
CA Access Management product line on Linux on Power 8
[IG] Manage IG Portal Authorization via AD Group membership
account unlock new tab in CM
Latest Knowledge Base Articles for Single Sign-On (Formerly CA SiteMinder) [2/8/2016]
CA IAM Gets Strong Customer Reviews
Chat Transcript: Office Hours for CA Privileged Access Management [Feb. 3rd]
End of Support for ObserveIT v5.6.4 and v5.6.8 from CA Privileged Identity Manager
Office Hours for CA Single Sign-On: A Live Online Chat [Feb. 18th]
when will the new PAM available ?
insert unique identifier to smaccess log.
USB and Network folder data can monitor on save ?
IDM java task API and task invocation options
PIM: Transitioned Communication Password Change
Difference between SiteMinder ValidateAccept/Reject and AzAccept/Reject
Is CA Webfort 6.2.9 is compatible with Oracle12c? We are using data direct driver 6 for webfort and WebSphere 6 to connect with current Oracle database 11G.
OAuth Authorization Grant and Best Practices in a JEE Application Server
IM events triggered after an ADS account is changed
AD Connection Error
Remove CA Directory single core and single thread UPDATE limitation
Enhancement request for AssertionGenerate audit logging
Support OnAccessReject event for SSO federation partnership
CA PIM: Create group functions for ACL's
Need OverLookSessionX type of ACO variable that could key off of a request header such as XMLHttpRequest
Policy Server SiteMinder smaccess.log timestamps
SiteMinder password policy enhancement to help mitigate DoS attacks
IIS Webagent Reset when adding protection to new Site.
1. Add LoadModule entry to the DSO Support Section
The following line(s) are added to the Dynamic Shared Object (DSO) Support configuration section, which precedes the Main server configuration section of the file.
LoadModule sm_module "<web_agent_home>/win64/bin/mod_sm22.dll"
The SiteMinder Agent requires one of the following modules in order to load:
LoadModule sm_module web_agent_home/bin/libmod_sm20.so
Apache 2.0 running on Windows
LoadModule sm_module web_agent_home/bin/mod_sm20.dll
Apache 2.2 running on Windows
LoadModule sm_module web_agent_home/bin/mod_sm22.dll
2. Add SmInitFile Entry
This entry is placed after the LoadModule entry that you added in (1). A full path is used, not a relative path.
SmInitFile "<Instance Directory>/instance1/config/OHS/ohs1/WebAgent.conf"
3. Alias Entries Added
In the Aliases section of the file, following entries are added to enable SiteMinder features.
The Alias /siteminderagent/ “<web_agent_home>/samples/” entry must come after all other aliases in the Aliases section.
AliasMatch /siteminderagent/nocert/[0-9]+/(.*) "<web_agent_home>/win64/$1"
Options Indexes MultiViews
Allow from all
Alias /siteminderagent/pwcgi/ "<web_agent_home>/win64/pw/"
Options Indexes MultiViews ExecCGI
Alias /siteminderagent/pw/ "<web_agent_home>/win64/pw/"
Alias /siteminderagent/ "<web_agent_home>/win64/samples/"
Step 2. Create WebAgent.conf file with the following content and copy it in <Instance Directory>\instance1\config\OHS\ohs1
# WebAgent.conf - configuration file for SiteMinder Web Agent
# Web Agent Version = 12.51, Build = 1402, Update = 07
Step 3. Create AgentId.dat file with the following content and copy it in <Instance Directory>\instance1\config\OHS\ohs1
(Specify unique GUID value for each of the Agent Instance )
Step 4. Change opmn.xml file at <Instance Directory>\instance1\config\OPMN\opmn
Add following lines after
<ias-instance id="instance1" name="instance1">
<variable id="NETE_WA_PATH" value="<web_agent_home>/win64/bin"/>
<variable id="NETE_WA_ROOT" value="<web_agent_home>/win64" />
<variable id="PATH" value="$NETE_WA_PATH;$PATH"/>
1. All the sections within <> need to be changed with the actual path
2. After making all these changes OS needs to be restarted.
All the sample files are attached for reference.
Removing Microsoft Windows Server 2003 (x86) from CA Privileged Identity Manager endpoint support matrix
Office Hours for CA Advanced Authentication: A Live Online Chat [Feb. 2nd]
Office Hours for CA Privileged Access Management: A Live Online Chat [Feb. 3rd]
Community Webcast: Getting Started with CA Single Sign-On and CA Remote Engineer [Feb 11th]
Secure Proxy Server (Access Gateway) - How is it? What are your lessons learned?
Issues while Using SM Agent API from JBOSS 6.4
Can I have a support matrix for CA Siteminder with AWS cloud environment
Windows 2012 R2 web agent support
TEWS API Guide
How to cutomize url redirection based on smsuthreason for basic authetication ?
virtual directory on IIS not reflecting changes
Site Minder features
Has anyone used the config\SMX509CertAuthSettings.cfg file for Client Cert Auth?
encrypting data in etautil script
failed login not logged on the aix endpoint.
ControlMinder providing SessionID through an ENV variable
Add new SAP R3 attributes to CA IDM SAP connector
SIteMinder Websocket support
Getting status of a Deployment
Better handling of idle TCP connections
Auditting details of administrators who cancel tasks in IM View Submitted Task
Better IM notification from Workpoint
CA PIM: enable end-user authentication to use AD DNS Service Records