With SiteMinder configured with Advanced Password Services, is there a way to disable APS's adding/updating smaps attribute for users in a certain user directory or for a domain? We have an Active Directory user store, of which the schema doesn't allow APS to create smaps attributes, and we don't have an intention to change the schema. We can ignore the errors generated for failing to update the user profile. However, it impacts performance also. So, we want to disable creating/updating smaps attribute for the Active Directory. If it cannot be done at that level, can we disable it at a domain level?
With SiteMinder configured for Advanced Password Services, the Policies defined in the APS.cfg file apply to all User Directory Definitions defined for the Policy Server. There is currently no method to allow limiting APS Password Policies at the Directory/Domain level.
Release : 12.8
Component : SITEMINDER ADVANCED PASSWORD SERVICES
The following steps can be used to disable Advanced Password Services for a Policy Server where is is configured;
1. Stop Policy Server
2. Rename SMAPS.dll from SiteMinder bin folder (libsmaps.so from SiteMinder lib folder in Linux )
3. Rename APS.cfg from SiteMinder bin folder
4. Restart Policy Server