Symantec Access Management

  • Private Community

  • 1.  Deleting IDM entries from CA SSO Policy store

    Posted Jun 14, 2018 12:30 AM

    Is there a way to export the CA SSO policy store (version 12.52) without having to export the IDM objects, existing in the policy store using one of the XPSExport configuration flags?


    We currently have CA IDM objects in our policy store as CA SSO was integrated earlier with CA IDM but not any more. So during upgrade, our goal is to delete the CA IDM related objects before importing the policies into the new 12.8 policy store .



  • 2.  Re: Deleting IDM entries from CA SSO Policy store
    Best Answer

    Posted Jun 14, 2018 08:09 AM

    Hi Venkatanand,

     

    No, We dont have any option to export policy store without IDM objects.

    You could try to export the full dump and delete IDM objects manually. 

     

    IDM objects will contain IMS as prefix
    e.g : CA.SM::IMSValidationRule

     

    Thanks,
    Sharan



  • 3.  Re: Deleting IDM entries from CA SSO Policy store

    Broadcom Employee
    Posted Jun 14, 2018 10:15 AM

    Did you get chance to look at  - Using SMPolicyReader to generate xcart selection.  

     

    You can use SMPolicyReader to export selective objects only by adding it to Xcart option visually. You can connect SMPolicyReader directly to your existing PolicyStore or an exported xml file.

     

    Regards

    Ashok 



  • 4.  Re: Deleting IDM entries from CA SSO Policy store

    Posted Jun 27, 2018 11:48 PM

    We were able to find the block of IDM objects in the export XML and deleted those sections. Thanks for the inputs .