Assign an Authorization Directory to a Realm

Policy Server Guides › Policy Design Guide › Directory Mapping › Configure a Directory Mapping › Assign an Authorization Directory to a Realm

Assign an Authorization Directory to a Realm

The Policy Server assumes a user is authenticated and authorized in a single user directory. In order for the Policy Server to authenticate a user in one directory and authorize a user in another directory, you must assign a directory mapping to specific realms. Once a directory mapping is assigned to a realm, the Policy Server uses the authorization directory specified in the realm to authorize users.

To assign a directory mapping to a realm

Open the SiteMinder Realm dialog for the realm to which you want to assign a directory mapping.
In the Advanced group box, click on the Directory Mapping tab.
From the drop-down list, select the user directory that the realm should use for authorizing an authenticated user.
A value of Default indicates that there is no directory mapping; the authentication directory will be used as the authorization directory when a user attempts to access a resource in the realm.

Note: This list contains only those user directories that have been configured as authorization directories in an existing directory mapping.
Click OK.
The Policy Server saves your changes and closes the SiteMinder Realm dialog. Users that try to access the realm will authenticate normally. Once they are authenticated, the existence of the authorization directory for the realm forces the Policy Server to search for an appropriate directory mapping. The Policy Server looks for a directory mapping that uses the authorization directory indicated by the realm and the user directory against which the user is authenticated.

More information:

Configure a Realm

Email CA Technologies about this topic