Installation and Upgrade Guides › Policy Server Installation Guide › Installing the Policy Server on UNIX Systems › How to Prepare the Policy Server for the Web Agent Installation

How to Prepare the Policy Server for the Web Agent Installation

Before installing the Web Agent, you must have installed the Policy Server and configured the policy and key stores. Before an administrator registers a trusted host at the Web Agent site, the following objects must be configured in the Policy Server User Interface:

• A SiteMinder Administrator that has the right to register trusted hosts.

  A trusted host is a client computer where one or more SiteMinder Web Agents are installed. The term trusted host refers to the physical system. There must be an administrator that you create in the Policy Server User Interface with the specific privilege to register trusted hosts. The default SiteMinder administrator, which you created during installation, already has these rights.

  To see if an administrator has these rights, check the administrator’s properties using the Policy Server User Interface and make sure Register Trusted Hosts is checked.

  Note: For instructions on how to create a new administrator with rights to register trusted hosts, see the Policy Design guide.

• Host Configuration Object

  Defines the communication between the trusted host and the Policy Server after the initial connection between the two is made. Do not confuse this object with the trusted host’s configuration file, SmHost.conf, which is installed at the trusted host after a successful host registration.

  The settings in the SmHost.conf file enable the host to connect to a Policy Server for the first connection only. Subsequent connections are governed by the Host Configuration Object.

  Note: For instructions on how to copy, create, and modify Host Configuration Objects in the Policy Server User Interface, see the Policy Design guide.

• Agent Configuration Object

  Holds parameter names and values for Web Agents and are the counterpart to Web Agent Configuration Files.

  • For all Agents

    The Agent Configuration Object must include a value for the DefaultAgentName. The DefaultAgentName identifies the Agent identity that the Web Agent uses when it detects an IP address on its Web server that does not have an Agent identity assigned to it. By default, the default Agent name is the name of the installed Web Agent.

  • For Domino Web Agents

    The Agent Configuration Object must include values for the following parameters:

    DominoDefaultUser-If the user is not in the Domino Directory, and they have been authenticated by SiteMinder against another user directory, this is the name by which the Domino Web Agent identifies that user to the Domino server. This value is encrypted.

    DominoSuperUser-Ensures that all users successfully logged into SiteMinder will be logged into Domino as the Domino SuperUser.

  • For IIS Web Agents

    The Agent Configuration Object must include values for the DefaultUserName and DefaultPassword parameters.

    DefaultUserName and DefaultPassword-Identify an existing Windows user account that has sufficient privileges to access resources on an IIS Web server protected by SiteMinder. When users want to access resources on an IIS Web server protected by SiteMinder, they may not have the necessary server access privileges. The Web Agent must use this Windows user account, which is previously assigned by an Windows administrator, to act as a proxy user account for users granted access by SiteMinder.

Note: For instructions on how to copy, create, and modify Agents and Agent Configuration Objects in the Policy Server User Interface, see the Policy Design guide. For Agent parameter descriptions, see the Web Agent Guide.