Configuration GuideSiteMinder IntegrationSiteMinder OperationsHow to Configure Access RolesHow to Create an Access Role › Define Admin Policies for an Access Role

Previous Topic: Define Member Policies for an Access Role

Next Topic: Define Owner Rules for an Access Role
Define Admin Policies for an Access Role

An admin policy defines admin rules, scope rules, and administrator privileges for a role. You can define several admin policies for a role. Each policy indicates that if an administrator meets the condition in the admin rule, that administrator has the scope and administrator privileges defined for the policy.

To define admin policies for access roles

  1. Select the Administrators tab for the access role.
  2. If you want to make the Manage Administrators option available, enable the Administrators can add and remove administrators of this role check box.

    Once you enable this feature, define the actions for when a user is added or removed as an administrator of the role.

  3. On the Administrators tab, add admin policies that include admin and scope rules and administrator privileges. Each policy needs at least one privilege (Manage Members or Manage Administrators).

    You can add several admin policies with different rules and different privileges for administrators who meet the rule.

    Note: Define admin policies that use only directory attributes, for example: title=Manager.If you define admin policies that include references to objects that are not stored in the user directory, such as admin roles, SiteMinder will not be able to resolve the reference.

  4. To edit a policy, click the arrow symbol on the left. To remove it, click the minus sign icon.
  5. Continue with the next section, Define Owner Rules for an Access Role.