ca.portal.admin

Pulling information from ADAM policy Store.

Discussion created by ca.portal.admin on Apr 23, 2010
Hello  There,

We  have  Siteminder  Policy  Server  version  6.0  SP5  running  on  Windows  2003
server  with  ADAM  as  Policy  Store.  Business  has  come  up  recently  with  a
requirement  where  there  is  some  interface  is  needed  to  show  what  resource  is
having  what  authorization  AD  group  in  its  policy.  The  policy  Server  console
cannot  be  provided  to  them  as  giving  "Manage  Policies  and  Domain"  option  is
not  read  only  and  the  user  can  delete  some  settings.  Thereby  we  are  looking
for  an  idea  where  a  web  interface  kid  of  solution  could  be  provided  that  may
show  the  information  needed  here.  The  Realm  protected  by  Siteminder  shall
show  the  resources/Group  authorized  to  view  that  realm.  The  output  of  the
smbojexport  and  the  LDAP  browser  shows  all  Hex  Decimal  values  which  can  not
be  used  here.

Is  there  any  other  method  or  process  there  where  in  SM  6.0  we  can  show  the
above  said  requirement.  We  know  that  SM  R12  has  the  facility  of  assigning  a
person  with  "auditor"  role  which  is  read  only  role.  But  we  right  now  not  able
to  upgrade  to  SM  R12  and  IM  R12  yet  in  this  environment  due  to  the  limitation
that  SM  R12  does  not  support  Access  Roles  any  more  like  they  could  be  defined
in  SM  6.0  before.

Please  let  us  know  what  can  be  done  here  for  this  requirement,  if  you  have
any  other  customer  who  had  this  kind  of  requirement  or  if  there  are  any  tech
notes  that  can  used  here.Thanks with RegardsRakesh Puril

Outcomes