Radiantone Vds Integration Notes for CA Siteminder

Published on April 2017 | Categories: Documents | Downloads: 40 | Comments: 0 | Views: 786

Partner Solution Brief
RadiantOne VDS 7.1.5 Integration notes for CA SiteMinder r12.52
Version 2.0

Radiant Logic, Inc.
Radiant Logic, Inc. is the market-leading provider of identity virtualization solutions. Since pioneering the first
virtual directory in 2000, Radiant Logic has evolved its groundbreaking technology into a complete federated
identity service, enabling Fortune 1000 companies to solve their toughest identity integration and federation
challenges.
Using model-driven virtualization technology, the RadiantOne federated identity service builds customizable views
from disparate data silos, streamlining authentication and authorization for identity management, context-driven
applications, and cloud-based infrastructures.
Companies in a wide range of sectors rely on RadiantOne to deliver quick ROI by reducing administrative effort,
simplifying integration tasks, and enabling future identity and data management initiatives. Organizations such as
British Petroleum, Comcast, Defense Information Systems Agency, Federal Reserve Bank, Sony, Fifth Third Bank,
Air Force, Intel, and Symantec have all used the RadiantOne solution to speed deployment and cut costs.
In addition, Radiant is well known in the identity management industry, and was named a Gartner Cool Vendor in
2012. Partnerships with identity management software vendors—including CA, RSA/EMC, and Axiomatics—along
with professional services organizations—Accenture, Booz Allen Hamilton, and Deloitte—demonstrate the broad
impact of identity virtualization on the market.
Radiant Logic, Inc. is based in Novato, CA, with sales offices and distribution channels throughout the world.

Integration Summary
The RadiantOne federated identity service unifies your identity infrastructure, delivering a global list where every
user is represented only once so SiteMinder can authenticate efficiently, and building a complete identity profile
for each user to enable attribute sharing and fine-grained authorization.

Federating Identities through Virtualization
RadiantOne uses model-driven virtualization to externalize identity out of disparate silos and into a common,
interoperable service. This flexible, scalable infrastructure hides the heterogeneity of your existing identity
sources, providing simple, logical, standards-based access to all the identities within your organization—no matter
where or how they’re stored. With RadiantOne, all your applications get the identity they need, in a view they can
understand. This data drives every identity initiative, including web access management, directory integration, and
cloud federation. RadiantOne makes it easy to extend authentication across web and cloud applications, enable
SSO, enrich policies, speed deployments, and develop more personalized services.

Page 1 of 10
October 2014


By creating a single access point, a federated identity service enables SiteMinder to access identities from across
the infrastructure, so you can extend the schemas of underlying data sources with application-specific attributes,
without touching the stores themselves. This allows you to quickly add new services—even ones with specific
attributes not already contained in your data sources—and extend them to new populations, all without having to
change SiteMinder policies.
RadiantOne Virtual Directory Server (VDS) is the main component of the federated identity service.

VDS in Your SiteMinder Deployment:
 Integrates identities to create a single account, including a unified policy profile for each user.
 Establishes and maintains correlations between disparate accounts.
 Offers a high-performance, high-availability LDAP V.3 directory service that’s scalable.
 Makes all identity information available in real-time.
 Builds a flexible infrastructure that can be re-used across any IdM or related initiative.

System Requirements
RadiantOne VDS is based on Java technologies, and Radiant Logic currently provides installers containing all the
prerequisites for Windows and Linux, except the Flash plug-in used by the administration interfaces. The Flash
plug-in does not need to be installed on the server itself, only on the administrative clients.
Here are more details on the supported platforms as of July 2013:


Windows 64-bit Platforms
Hardware
 Processor: Intel Pentium or AMD Opteron
 Processor Speed: 2GHz or higher
 Memory: 16 GB recommended
The memory usage will vary depending on whether memory caching is used and the size/number of the
entries to be cached.
 Hard Drive: 100 GB of disk space
The hard disk usage will vary depending on log types/levels that are enabled and the desired log history to
maintain.

Software
 Operating System: Windows 2003, or 2008 R2 Server, Windows Server 2012

Linux 64-bit Platforms
Hardware
 Processor: Intel Pentium or AMD Opteron
 Processor Speed: 2GHz or higher
 Memory: 16 GB recommended
The memory usage will vary depending on whether memory caching is used and the size/number of the
entries to be cached.
 Hard Drive: 100 GB of disk space
The hard disk usage will vary depending on log types/levels that are enabled and the desired log history to
maintain.

Software
 Operating System: Red Hat Linux ES 2.1 or above, Red Hat 8 or above, CentOS v5.3, SUSE Linux
Enterprise v10 or above, Ubuntu 9 or above

To test this integration, RadiantOne was installed on Windows Server 2008 R2.
The version of RadiantOne configured was VDS 7.1.5.
The versions of CA SiteMinder tested were r12.5, r12.51, r12.52.
You can find more information on the latest system requirements on our website: www.radiantlogic.com or by
contacting our support team at [email protected].

Integration Details


Configuring SiteMinder to Leverage VDS as a User Directory
It is assumed that RadiantOne is already installed. RadiantOne is typically installed on a dedicated server and is
usually not running on the same server as the SiteMinder Policy Store.
RadiantOne VDS provides an LDAP or LDAPS interface that you can use to connect SiteMinder to VDS. You can
follow the user directory configuration instructions in the Policy Server Configuration Guide to point SiteMinder to
VDS. The configuration steps are similar to CA directory or other LDAP directories. (Look for the page “Configure
CA Directory User Directory Connections”).
Here are some high level steps for SiteMinder r12.5, r12.51, and r12.52:

1. Launch the SiteMinder Admin UI.
2. Select ‘Infrastructure’, ‘Directories’, ‘User Directory’.
3. Click ‘Create User Directory’, and then create an LDAP based user directory based on the SiteMinder
configuration guide.
Below is an example of a SiteMinder r12.52 configuration:


Configuring SiteMinder to use RadiantOne VDS as a Policy Store
RadiantOne VDS can function as a policy store. A single directory instance can function as:
 Policy Store/Key Store

Gather Directory Server Information
Configuring an LDAP directory server as a policy store or upgrading an existing policy store requires specific
directory server information. Gather the following information before beginning. You can use the Policy Store
Worksheets to record your values.
 Host Information – the fully qualified host name or the IP address of the directory server.
 Port Information – specifies a non-standard port.
 Administrative DN – specifies the LDAP user name of a user who has privilege to create, read, modify, and delete
objects in the LDAP tree underneath the policy store root object.
 Administrative Password – specifies the password for the Administrative DN.
 Policy Store root DN – specifies the distinguished name of the node in the LDAP tree where policy store objects are
to be defined.
 SSL client certificate – specifies the pathname of the directory where the SSL client certificate database file resides.

Configure the Policy Store
The steps required to configure RadiantOne as the SiteMinder Policy Store are summarized below.
1. Extend the VDS Schema
2. Create the Storage in VDS
3. Point the Policy Server to the VDS
4. Set the CA SiteMinder® superuser password
5. Import the policy store data definitions
6. Import the default policy store objects
7. Prepare for the Administrative UI registration

Extend the VDS Schema
First, modify the VDS schema to support the SiteMinder Policy Store objects and attributes.
1. On the RadiantOne machine, navigate to <RLI_HOME>\vds_server\schema_extension.
2. Copy ldapschema_11.ldif.
3. Navigate to <RLI_HOME>\vds_server\conf\ and paste the schema file here.


4. Rename the ldapschema_11.ldif file to ldapschema_<2 digit number greater than the existing file
names>.ldif, e.g. ldapschema_99.ldif.
5. Restart the VDS.

Create the Storage in VDS
1. In the VDS Control Panel, Directory tab, Configuration sub-tab, right-click on Root Naming Contexts and
create a new naming context named dc=policystore and choose ‘HDAP Store’ as the type.
Note: all the attributes are indexed by default when you use HDAP Store.
2. Click Next and then OK.
3. Once the naming context is created, select the Advanced Settings tab.
4. Check the Enable Real-Time Search parameter.
5. Click Save.


Note: uncheck the Enable Real-Time Search parameter after the Policy Store configuration is complete!
6. Click on the Directory tab, Directory Tree sub-tab.
7. Navigate to the dc=policystore entry. Right-click on it and choose New Organizational Unit.
8. Name the ‘ou’, ‘netegrity’.
9. Right-click on ou=netegrity and choose New Organizational Unit.


10. Name the ‘ou’, ‘siteminder’.
11. Right-click on ou=siteminder and choose New Organizational Unit.
12. Name the ‘ou’, ‘PolicySvr4’.
13. Right-click on ou=PolicySvr4 and choose New Organizational Unit.
14. Name the ‘ou’, ‘xps’.
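As an added check that is not part of the brief, the following PowerShell script (PowerShell 5 or later, using the .NET System.DirectoryServices.Protocols classes) confirms over the VDS LDAP interface that the branch built in steps 7 through 14 exists with the expected nesting; the VDS host, LDAP port and bind DN are placeholders to replace with your own values.

```powershell
# Added example (not part of the Radiant Logic brief): after step 14, confirm over LDAP
# that the OU chain SiteMinder expects exists under dc=policystore and is nested correctly.
# Assumptions (placeholders): the VDS host, the LDAP port VDS listens on, and the bind DN.
Add-Type -AssemblyName System.DirectoryServices.Protocols

$VdsHost = 'vds.example.local'       # placeholder
$VdsPort = 389                        # placeholder: the LDAP listener port of your VDS
$BindDn  = 'cn=Directory Manager'     # placeholder: an account allowed to read dc=policystore
$BindPw  = Read-Host -Prompt "Password for $BindDn" -AsSecureString
$cred    = [System.Net.NetworkCredential]::new($BindDn, $BindPw)

$conn = [System.DirectoryServices.Protocols.LdapConnection]::new("${VdsHost}:${VdsPort}")
$conn.SessionOptions.ProtocolVersion = 3
$conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
$conn.Bind($cred)

# The OUs from steps 7-14, parent first; each DN is built on top of the previous one.
$chain = @('ou=netegrity', 'ou=siteminder', 'ou=PolicySvr4', 'ou=xps')
$scope = [System.DirectoryServices.Protocols.SearchScope]::Base
$dn    = 'dc=policystore'
$allFound = $true
foreach ($rdn in $chain) {
    $dn  = "$rdn,$dn"
    $req = [System.DirectoryServices.Protocols.SearchRequest]::new($dn, '(objectClass=organizationalUnit)', $scope, 'ou')
    try {
        $found = ($conn.SendRequest($req)).Entries.Count -eq 1
    } catch [System.DirectoryServices.Protocols.DirectoryOperationException] {
        $found = $false   # noSuchObject is raised as an exception rather than returned as an empty result
    }
    $status = if ($found) { 'OK' } else { 'MISSING' }
    Write-Host ('{0,-8}{1}' -f $status, $dn)
    if (-not $found) { $allFound = $false }
}
$conn.Dispose()
if (-not $allFound) { exit 1 }
```

A non-zero exit code means at least one OU is missing or sits under the wrong parent; the printed DN shows exactly which level to recreate.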

Point the Policy Server to the VDS
1. Open the SiteMinder Policy Server Management Console.
2. Click the Data tab.
3. Select “Policy Store” from the Database list.
4. Select “LDAP” from the Storage list.
5. Configure the LDAP Server settings.
6. Click Apply.
7. Click Test LDAP Connection to verify that the Policy Server can access the Policy Store.
8. Select the “Key Store” value from the Database list.
9. Select “LDAP” from the Storage list.
10. Select the “Use Policy Store Database” option.
11. Click OK.

Set the SiteMinder Super User Password
To set the SiteMinder superuser password, you will need to:
1. Copy the smreg.exe file that comes with the installer for the policy server to the SiteMinder policy store
bin directory (ex: C:\Program Files (x86)\CA\siteminder\bin).
2. Open a command prompt, navigate to the bin directory of SiteMinder and execute the following
command:

smreg -su <password>

Import the Policy Store Data Definitions
Importing the policy store data definitions defines the types of objects that can be created and stored in the policy
store.
From a command-line, on the SiteMinder policy store server, execute the following (change the paths to match
your policy server installation if needed):
"C:\Program Files (x86)\CA\siteminder\bin\XPSDDInstall.exe" "C:\Program Files (x86)\CA\siteminder\xps\dd\SmMaster.xdd" -vT

Import the Default Policy Store Objects
Importing the default policy store objects configures the policy store for use with the Administrative UI and Policy
Server.
From a command-line, execute the following (change the paths to match your policy server installation if needed):
"C:\Program Files (x86)\CA\siteminder\bin\XPSImport.exe" "C:\Program Files (x86)\CA\siteminder\db\smpolicy.xml" -npass -vT

Note: after importing the default policy store objects, restart the policy server.

Prepare for the Administrative UI Registration
XPSRegclient supplies the policy server with the administrator credentials. The policy server uses these credentials
to verify the registration request when you log into the Admin UI for the first time.
1. Log into the Policy Server host system.
2. Run the following command:
XPSRegclient siteminder[:passphrase] -adminui-setup -vT
3. Press Enter.
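The four command-line steps above (superuser password, data definitions, default objects, Admin UI registration) can be chained into one PowerShell script that stops at the first failing tool. This is an added example, not from the brief or from CA; it assumes the default install path used above, that smreg.exe has already been copied into the bin directory, and an elevated prompt on the Policy Server host.

```powershell
# Added example (not from the Radiant Logic brief or CA's tooling): runs policy store
# steps 4-7 in order and halts on the first non-zero exit code.
# Assumptions: default r12.52 install path from the brief; smreg.exe already copied to bin.
$ErrorActionPreference = 'Stop'
$SmHome = 'C:\Program Files (x86)\CA\siteminder'   # adjust to your installation
$Bin    = Join-Path $SmHome 'bin'

function Invoke-SmTool {
    param([string]$Exe, [string[]]$Arguments)
    $path = Join-Path $Bin $Exe
    if (-not (Test-Path $path)) { throw "Missing tool: $path" }
    & $path @Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe exited with code $LASTEXITCODE" }
}

# Step 4: superuser password. Read it without echo; smreg itself still takes it as a plain argument.
$secure = Read-Host -Prompt 'SiteMinder superuser password' -AsSecureString
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
try     { $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }
Invoke-SmTool 'smreg.exe' @('-su', $plain)
Remove-Variable -Name plain, secure

# Step 5: policy store data definitions (SmMaster.xdd)
Invoke-SmTool 'XPSDDInstall.exe' @((Join-Path $SmHome 'xps\dd\SmMaster.xdd'), '-vT')

# Step 6: default policy store objects, followed by the Policy Server restart the brief requires
Invoke-SmTool 'XPSImport.exe' @((Join-Path $SmHome 'db\smpolicy.xml'), '-npass', '-vT')
Write-Host 'Restart the Policy Server now, then press Enter to continue'
Read-Host | Out-Null

# Step 7: seed the administrator credentials the Admin UI registration will be checked against
Invoke-SmTool 'XPSRegclient.exe' @('siteminder', '-adminui-setup', '-vT')
```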

Sample Use Case Scenario

Radiant Logic has many joint customers with CA who are using SiteMinder with VDS, including AON and Coca Cola.
The main driver is Mergers & Acquisitions and the main use case for all these customers is to use VDS as a single
user directory for SiteMinder (as the “only” user directory).
Using VDS as a user directory greatly simplifies the configuration changes needed in SiteMinder due to the addition
of a new user population: VDS is in charge of the identity integration and provides a single access point for
authentication. It can also consolidate user attributes coming from multiple places in a global user profile and
enable fine grained access policies. No need to modify each of the SiteMinder domains to add a new user
directory, and then have to modify the policies and other artifacts to integrate the new identities: all the changes
can be done at the VDS layer without impacting SiteMinder.

Contact Information
Radiant Logic, Inc.

75 Rowland Way, Suite 300
Novato, CA 94945
Phone: 415-209-6800
Fax: 415-798-5697
Email: [email protected]
Website: www.radiantlogic.com

CA Technologies

One CA Plaza
Islandia, NY 11749
Phone: 800-225-5224
Fax: 631 342-6800
Email: [email protected]
Website: support.ca.com

Support
For any question regarding this integration, please contact us at [email protected] or via phone:
Toll Free Number: 1.877.727.6442 (x2)
Tel: 1.415.209.6800 (x2)

Appendices
