Layer7 Access Management

Expand all | Collapse all

Siteminder.. Application Monitor users

  • 1.  Siteminder.. Application Monitor users

    Posted 01-21-2013 06:19 PM
    Can anyone guide on What is the best way to handle monitor users

    1.
    The monitor users passwords shouldn’t expire ( which means not password policies should apply)
    2.
    The monitor users and regular user users reside in the same user stores
    3.
    All the password policies should implement on the regular users not on the monitor user (which monitors the applications availability)


    One of the option that I aware of is, making use of two different users stores and have the password policies on regular users policy store and relax the password policies on the user store which has the monitor users

    Thanks,
    Matheen


  • 2.  RE: Siteminder.. Application Monitor users

    Posted 01-22-2013 03:09 AM
    Hi,

    If you're relying on the password policy of your directory, this would depend on the product you're using.

    SiteMinder password policies can be configured so that they only apply to part of a directory. As a result you can limit the scope of such a password policy to a directory branch or specified attribute values.

    We're actively using this to apply dedicated password policies for specific branches + attribute values.


  • 3.  RE: Siteminder.. Application Monitor users

    Posted 01-22-2013 05:13 AM
    Hi Matheen,

    You can alternatively create another password policy which will apply of part of user directory, and don't give any expiration or details to it, also in Advanced Tab give the priority to it as 1 and give the priority to other password policy which applies to complete directory as 10 or higher, this will make the password policy applying for complete directory to apply first and will not be applied top policy applying for part of user directory.

    Evaluation priorities range from 0-999, where 999 is the highest.

    Hope this helps.

    Regards
    Vikas