Enhanced Active Directory integration pre-requisites for Policy Server

Article ID: 54428


Products

CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On SITEMINDER

Issue/Introduction

For tighter integration between SiteMinder and Active Directory used as a User Store, activate Enhanced Active Directory Integration. It synchronizes the following Active Directory attributes with the SiteMinder attributes used for password and user management:

accountExpires
badPasswordTime
badPwdCount
lastLogon
lastLogonTimestamp
lockoutDuration
lockoutTime
pwdLastSet
pwdMaxAge
unicodePwd
userAccountControl

Resolution

To make this work:

  1. Use "LDAP NameSpace" for the User Directory definition.
  2. Set up a "Secure connection" between Active Directory (AD) and the Policy Server.
  3. Set up "User Attributes" of the directory definition (they will be synchronized with Active Directory (AD) attributes).
  4. Enable the "Enhanced Active Directory Integration" in the "Global Settings" in the AdminUI.
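
When checking after step 4 that synchronization behaves as expected, it helps to read the raw Active Directory values directly. The following added example (not part of the original article or of the product) decodes several of the attributes listed above as they appear in an LDAP export; the function names and the sample values are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
NEVER = 0x7FFFFFFFFFFFFFFF  # accountExpires value meaning "never expires"

# userAccountControl bits that affect password and account state
UAC_FLAGS = {0x0002: "ACCOUNTDISABLE", 0x0020: "PASSWD_NOTREQD",
             0x0200: "NORMAL_ACCOUNT", 0x10000: "DONT_EXPIRE_PASSWORD",
             0x800000: "PASSWORD_EXPIRED"}

def filetime(raw):
    """100-ns ticks since 1601-01-01 UTC -> datetime; None for 0 or 'never'."""
    ticks = int(raw)
    if ticks in (0, NEVER):
        return None
    return EPOCH_1601 + timedelta(microseconds=ticks // 10)

def interval(raw):
    """Negative 100-ns tick count, as in lockoutDuration -> timedelta."""
    return timedelta(microseconds=abs(int(raw)) // 10)

def uac_flags(raw):
    value = int(raw)
    return [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]

def account_state(entry, lockout_duration, now):
    """Summarise one user entry; assumes a finite, nonzero lockoutDuration."""
    flags = uac_flags(entry["userAccountControl"])
    locked_at = filetime(entry.get("lockoutTime", "0"))
    expires = filetime(entry.get("accountExpires", "0"))
    return {
        "flags": flags,
        "disabled": "ACCOUNTDISABLE" in flags,
        "must_change_password": int(entry.get("pwdLastSet", "0")) == 0,
        "locked": locked_at is not None and now < locked_at + interval(lockout_duration),
        "expired": expires is not None and expires <= now,
        "bad_password_count": int(entry.get("badPwdCount", "0")),
    }

# Constructed sample values, not taken from a real directory.
SAMPLE_ENTRY = {"userAccountControl": "66050", "pwdLastSet": "0",
                "lockoutTime": "133485408000000000", "badPwdCount": "5",
                "accountExpires": str(NEVER)}
SAMPLE_LOCKOUT_DURATION = "-18000000000"  # 30 minutes

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 0, 10, tzinfo=timezone.utc)
    for key, value in account_state(SAMPLE_ENTRY, SAMPLE_LOCKOUT_DURATION, now).items():
        print(f"{key}: {value}")
```

Comparing this decoded state with what SiteMinder reports for the same user shows whether the lockout, expiry and password-change flags are being synchronized.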