Previous Topic: Define Member Policies for an Access RoleNext Topic: Define Owner Rules for an Access Role

Configuration GuideCA SiteMinder IntegrationSiteMinder OperationsHow to Configure Access RolesHow to Create an Access RoleDefine Admin Policies for an Access Role

Define Admin Policies for an Access Role

An admin policy defines admin rules, scope rules, and administrator privileges for a role. You can define several admin policies for a role. Each policy indicates that if an administrator meets the condition in the admin rule has the scope and administrator privileges that is defined for the policy.

Follow these steps:

  1. Select the Administrators tab for the access role.
  2. If you want to make the Manage Administrators option available, enable the Administrators can add and remove administrators of this role check box.

    Once you enable this feature, define the actions for when a user is added or removed as an administrator of the role.

  3. On the Administrators tab, add admin policies that include admin and scope rules and administrator privileges. Each policy needs at least one privilege (Manage Members or Manage Administrators).

    You can add several admin policies with different rules and different privileges for administrators who meet the rule.

    Note: Define admin policies that use only directory attributes, for example: title=Manager. If you define member policies referencing to those objects not stored in the user directory such as admin roles, SiteMinder cannot be able to resolve the reference.

  4. To edit a policy, click the arrow symbol on the left. To remove it, click the minus sign icon.
  5. Continue with the next section, Define Owner Rules for an Access Role.