CA Identity Manager Configuration Guide › CA Identity Manager Protection › Management Console Security › Use CA SiteMinder® to Secure the Management Console

Use CA SiteMinder® to Secure the Management Console

To protect the Management Console initially, you can create a CA SiteMinder® policy.

A CA SiteMinder® policy identifies a resource that you want to protect, such as the Management Console, and grants a set of users access to that resource.

Follow these steps:

1. (CA Identity Manager 12.6 or higher only) Disable native security for the Management Console.
2. Log in to one of the following interfaces as an administrator with Domain privileges:
   • For CA CA SiteMinder® r12 or higher, log in to the Administrative UI.
   • For CA CA SiteMinder® 6.0 SPx, log in to the Policy Server User Interface.

   Note: For information on using these interfaces, see the documentation for the version of CA SiteMinder® that you are using.

3. Locate the policy domain for the appropriate CA Identity Manager Environment.

   This domain is created automatically when CA Identity Manager integrates with CA SiteMinder®. The domain name has the following format:

   Identity Manager-environmentDomain

   In this format, Identity Manager-environment specifies the name of the environment you are modifying. For example, when the name is employees, the domain name is employeesDomain.

4. Create a realm with the following resource filter:

   /iam/immanage/

5. Create a rule for the realm. Specify an asterisk (*) as the filter to protect all pages in the Management Console.
6. Create new a policy and associate it with the rule you created in the previous step.

   Be sure to associate users who can access the Management Console with the policy.

7. Restart the application server.