Hi Rich, Thanks again!
I see the differences between what CA Product did vs what GD did - I am sure there are more core differences too which I will not comment.
But here is the question though:
Why did CA product team not consider things such as these as core enhancements to the OOTB implementation of the CA SSO Product - even as of R12.7; What is the rationale? Do they see these to be not features to be supported OOTB (I understand there could be differences in the implementation); Why should a customer pay a fee for things that are supposed to be OOTB but not for various reasons? Anyway if this is still not in the roadmap to be added in the OOTB - I think CA should make the GD implementation free.
- Allowing Federation via Impersonation (If Federation is part of the core solution; why would impersonation ignore this?)
- Allowing multiple linked accounts and associations based on groups membership (This kind of seems a basic requirement)
- Enforcing security levels for impersonation (Again seems to be a basic requirement; when Siteminder enforces security levels; there should have been a feature to enforce or disable the enforcement; with default being disable which is what it is today)
- Allowing Impersonation on Locked accounts (ignoring the password policy) - [ this seems like a basic need; we have struggled on this front and had to do some dance around this; but again if a CSR is impersonating then why would I enforce the password policy?]
The other things as Header response to application seems to be there in the OOTB solution.
Thanks