This section contains the following topics:
Administrative UI New Look and Feel
Enhanced Session Assurance with DeviceDNA™
Enhanced User Disambiguation Using Windows and Kerberos Authentication
CA Directory Password Policy Control
The CA SiteMinder® Administrative UI is now refreshed to meet the CA standard for controls, fonts, colors, icons, and images. Frames now use the accordion-style navigation for simpler menu selections. The steps in the configuration wizards have a new, more colorful look. Both changes improve the navigation and ease of configuration.
This release introduces Enhanced Session Assurance with DeviceDNA™
Enhanced Session Assurance with DeviceDNA™ helps prevent unauthorized users from hijacking legitimate sessions with stolen cookies. The session clients are validated using the unique DeviceDNA™ that the product collects from the system of the user. This validation assures that the client who initiated the session is the same client that is requesting access. Users lacking valid DeviceDNA™ are denied access to protected resources.
For more information, see the Policy Server Configuration Guide.
This release includes the following enhancements to support user disambiguation for Windows and Kerberos authentication:
AD/LDAP Lookup Format:
CN=%{UID},CN=Users,DC=%{DOMAIN},DC=com
AD/LDAP Search Format:
(sAMAccountName=%{UID})
The new format is any combination of variables UID and DOMAIN without any supporting attribute names:
%{UID}
%{UID}@{DOMAIN}
You can configure the Policy Server to honor the CA Directory password policies. The Policy Server, together with a properly configured Web Agent, can send configured warnings and notifications that are based on the directory password policies to end-users.
Copyright © 2013 CA.
All rights reserved.
|
|