Configuration Guides › Policy Configuration Guide › Administrative User Interface Management › SiteMinder Administrators

SiteMinder Administrators

A SOA Security Manager administrator is anyone who has access to Policy Server objects and tools. Depending on a person's role in an organization, SOA Security Manager administrators have access to different resources and features, and are responsible for different tasks.

The SOA Security Manager administrative model lets you implement fine-grained administrative privileges, so you can organize the management of Policy Server objects and SOA Security Manager tools across a few or many individuals in an organization.

Certain administrative responsibilities can overlap. For example, a Policy Manager and Sales Manager may both be able to make changes to the Sales policy domain and the objects in the policy domain.

When you install the Administrative UI, you specify a default administrator account during the Administrative UI registration process. This account has maximum privileges, and with it you can create additional administrator accounts to distribute administrative tasks.

The following administrators can be configured in the Administrative UI; they serve different functions:

• Administrator

  An administrator can do the following:

  • manage the SOA Security Manager Administrative UI
  • manage Policy Server tools, such as XPSImport, XPSExport, smobjimport, and smobjexport.

  When you configure an administrator to manage the Administrative UI, the privileges granted to the administrator control what he sees in the Administrative UI. You can create administrators and assign privileges to each administrator to match the administrative roles that exist in your organization.

• Legacy Administrator

  A legacy administrator has the ability to manipulate the Policy Management API. If your environment includes a script or program that uses the Policy Management API, you need to create a legacy administrator that has authentication privileges to execute the functions via the Policy Management API.

  In addition to the API function, the legacy administrator can be a Trusted Host Administrator. A Trusted Host administrator has the right to run the host registration process for a host where a SOA Security Manager Agent resides, enabling the Agent to communicate with the Policy Server.