Previous Topic: Policy Server ManagementNext Topic: Starting and Stopping the Policy Server


Policy Server Management Tasks

As a Policy Server administrator, you are responsible for system-level configuration and tuning of the SiteMinder environment, monitoring and ensuring its performance, as well as management of users and user sessions as necessary.

You perform most fundamental system configuration and management tasks using the Policy Server Management Console. Others tasks are performed using the Administrative UI.

Policy Server management tasks include:

Policy Server Management Console

The Policy Server Management Console (or Management Console) provides a range of Policy Server configuration and system management options. The Management Console has a tab-based user interface in which information and controls are grouped together by function and presented together on tabs in a single window.

Important! The Policy Server Management Console should only be run by users who are members of the administrator group in Microsoft Windows.

Start the Management Console

Follow these steps:

Note: To run the Policy Server Management Console on UNIX:

Save Changes to Management Console Settings

On any tab in the Management Console, click:

Note: You must stop and restart the Authentication and Authorization processes to put Management Console settings changes into effect. The Policy Server cannot use the new settings until these services restart.

Policy Server User Interface

The browser–based CA CA SiteMinder® Administrative UI primarily enables management of Policy Server objects, but also provides some system management functionality.

To access the Administrative UI

  1. Do one of the following:
  2. Enter a valid user name and password.

    If you are accessing the Policy Server for the first–time, use the default superuser administrator account, which you created during Policy Server installation.

  3. Click Log In.

    The Administrative UI opens.

    The contents of the window depend on the privileges of the administrator account you used to log in. You only see the items to which your account has access.

Grant Access to XPS Tools

Access to the XPS tools included with CA SiteMinder® must be granted to individual users by an Administrator using the Administrative UI.

Follow these steps:

  1. Log in to the Administrative UI.
  2. Click the Administration, Administrator, Administrators.
  3. Do one of the following:
  4. Enter a name and an optional description in the respective fields.
  5. Enter a user path or click Lookup to select an existing user path.

    Note: The user path (specified in the Administrative UI or with the XPSSecurity tool by an Administrator) is required for write access to any of the settings controlled by the XPS Tools. A user path has the following format:
    namespace://directory_server/DN or Login_for_OS

  6. (Optional) Select the Super User option to grant super user rights.
  7. Select any of the following command line tools in the Access Methods section:
    XPSEvaluate Allowed

    Grants access to the XPS expression evaluation tool.

    XPSExplorer Allowed

    Grants access to the tool that edits the XPS database.

    XPSRegClient Allowed

    Grants access to the XPS tool that registers Web Access Managers or Reports servers as privileged clients.

    XPSConfig Allowed
    Grants access to the tool that examines and configures XPS settings in XPS-aware products.XPSSecurity Allowed

    Grants access to the security tool which creates XPS users and specifies their XPS-related privileges.

  8. Click Submit.

    The administrator has permission to use the selected XPS tools.

More information:

Add Event Handler Libraries