Kristen Malzone (CA) :
If you have a question about CA Advanced Authentication, enter it here in the chat window.
Kristen Malzone (CA) :
Product experts are standing by...
Kristen Malzone (CA) :
Welcome to Office Hours, Anand & Cheryl!
Cheryl Seago :
hi no audio?
Frank Morrow :
Hi
Kristen Malzone (CA) :
No audio - all conversation happens here in the chat window.
Kristen Malzone (CA) :
We'll answer your questions right here as quickly as possible.
Kristen Malzone (CA) :
Hi Frank! Welcome!
Frank Morrow :
What is the optimal version of Siteminder to get the full functionality of Adv Auth?
Martin Yam :
i believe that the version is 12.52
Namish Tiwari :
Latest version of Siteminder should work fine with Adv Auth. Best to use is 12.52 as Marty pointed
Frank Morrow :
Thank you
Kristen Malzone (CA) :
If you're also a Single Sign-On customer, please take a few minutes to provide your feeback by taking the Product Survey: https://communities.ca.com/docs/DOC-231162658
Kristen Malzone (CA) :
Welcome, Marie!
Kristen Malzone (CA) :
Do you have a question for our Advanced Authentication experts?
Latha :
Do we have any specific documentation how to integrate with siteminder and how it works
Martin Yam :
there is an auth scheme that currently is delivered as part of the AA product that provides credential as well as risk scoring integration,
Martin Yam :
this is provided as part of the AA documentation.
Martin Yam :
- wiki.ca.com is the location for documentation at this time
Challa Ramakanth :
https://docops.ca.com/aa/8-1/EN is the URL for the AA documentation.
Namish Tiwari :
Integration of SiteMinder and Adv Auth is well documented in our docs and can be leveraged the support site. wiki.ca.com/aa is the location. You need to look for Adapter as that is one which is used for integration
Latha :
how to integrate our enterprise LDAP to work with Advance Auth with siteminder
Rishu :
Will resetting masteradmin password have any impact on the actual functinality of the application?
Namish Tiwari :
Adv Auth has Organization( Groups) which we configure for external repository in your case an LDAP and we pull all the users LDAP for enrolling or authentication. It is again documented in Admin guide how it can be done
Rishu :
Also, how can we unlock the masteradmin account? and how can we reset the password?
Namish Tiwari :
We only do read operations on LDAP and no write operations so we only read the user details
Latha :
is there a link page number i can look
Latha :
so it will be like we use user directory in our siteminder UI
Namish Tiwari :
Resting the masteradmin password will not have any impact on any functionality
Namish Tiwari :
@Latha, yes it will be user directory in SM ui
Rishu :
thanks
Namish Tiwari :
@Latha page 151 describes how you can integrate external repository with Adv Auth
Latha :
Can you please paste the link for Admin guide
Girish Kumar (CA) :
@Latha what version of AM are you at
Namish Tiwari :
@ Latha go to the website which is pasted above and then download the doc in PDF mode and look for section as mentioned below
Namish Tiwari :
Additional Configurations to Support LDAP Repository in CA
Strong Authentication
This appendix covers the following topics:
Creating Organization in LDAP Repository
Resolving Credential Types for LDAP Organization
Verifying the LDAP Configuration in CA Strong Authentication
Namish Tiwari :
@Rishu , in product installation location ARCOT_HOME/dbscripts we provide the arcot-masteradmin-password-reset-8.1.sql which needed to run. it is also available in 7.x version but for 6.x version support need to be contacted
Rishu :
ok thanks.. I wil check..
Girish Kumar (CA) :
@Rishu 8.1 documentation has mention of the Admin Reset script but yes for earlier version a Support ticket is needed as Namish indicated
Rishu :
Sure Girish, will check and raise support ticket, if needed.. Thanks
Rishu :
to enable VPN using Advanced authentication, do we need to make changed in AFM component also? We use Juniper pulse as our VPN solution
Kristen Malzone (CA) :
15 minutes left! Get your last questions in now!
Namish Tiwari :
@Rishu AFM OOTB provides VPN integration. There are OOTB flows defined but if you want anything other than OOTB , you may need to do some customization to achieve that. We provide SSL and Ipsec VPN integration OOTB
Rishu :
Girish Kumar (CA) :
@Rishu AFMWizard allows setting up the arcotafm.properties for VPN integration flow at 7.x and above
Rishu :
@Girish - Do you have any guide or link guiding me on the same
Girish Kumar (CA) :
@Rishu This would be in the Adapter Guide such Adapter 2.2.9
Namish Tiwari :
@Rishu go to wiki.ca.com/aa then download the doc in PDF and look for Configuring CA Adapter Juniper SSL VPN
Rishu :
- yup.. I have that document..
Rishu :
I will follow that and configure.. Thanks again
Kristen Malzone (CA) :
Alright, if there are now more questions we will wrap up Office Hours today!
Kristen Malzone (CA) :
Thanks for joining - we'll post the chat transcript to the CA Security Community.