Latest version of SMPolicyReader, available at bottom of this post, last updated build 466 on 29-April-2019.
A lot has happened since Feb-2013 when this was first put into the communities. Mostly it is bug fixes, but there have been some large feature additions and look & feel changes. To help identify what has been added I will add links to articles that discuss any new features here : Recent SMPolicyReader articles :
Tech Note : Storing SSO policy changes in Revision Control - viewing changes
Tech Note : Howto place SSO policy changes under revision control using git
May - 2017
SMPolicyReader update - xcart - screen to check for xcart object references
Using SMPolicyReader to generate xcart selection. Dec-2016
Siteminder Policy Reader Attached is a java Siteminder Policy Reader tool, that has been developed internally by CA Support engineers for use within CA Siteminder Support. Given that CA Siteminder customers, face similar issues with viewing exported XPS & SMDIF policy stores, it was felt that this was a good candidate tool, even though it is at a fairly early stage of development, for release on the CA community website.Here is a quick list of features:
SMPolicyReader Demonstration Video The best way to see what it can do is to watch the video demonstration : http://youtu.be/71lEVt-GfZw (please excuse the presenter, he will re-record the sound sometime in the near futher, with less stuttering)
Screenshots of SMPolicyReader in use: This is the main tree and selected object display. Note the "<" and ">" toolbar buttons for navigating your viewing history, the "find" tool bar buttons, and the three tabs for the object "Properties", which is what is displaying, "Stats" which displays some summary details for the object and "References" which displays all of the links to this object. Properties, Child tables and Reference tables are all navigatable by double clicking on the row/child object, and if it is a link it will navigate you to that object (you can then user the back button "<" to return). This is the browse All Objects screen. You can see all the Xid, Object Name and Class Name in the table, it can be filtered and sorted to pick up the items you want to view (for example you can enter Xid or part of Xid here, to find your object). You then have the choice of showing that object in the main policy browser tree, or showing it in a detached window. This is the Detached Object View, with references tab selected. You can have as many of these open as you like, double clicking on any of the references (or properties) will show the referece object/properties i the main policy tree window. The results of a compare operation. Added objects/properties are shown in dark blue, deleted are displayed in red strikethought, and changed objects are shown in bold black. Comparison can be done by Xid (default) or by Name, as set by the "Options" menu item.
Summary This is an internally generated tool, done by CA Support engineers and subject to the limitations of the disclaimer applied to this discussion group for uploads.
The SMPolicyReader is developed on a part time basis, so it is likely never to be complete, certainly there are bugs, limitations, and also many features we would like to add. But the tool has proved useful internally with CA Support, as it currently is and hope you find it useful as well.
We certainly welcome feedback; and these forums provide the best place to discuss and ask questions about the PolicyReader, but I am also avaialble via my CA email address, odoma04 at ca dot com
Cheers - Mark
Attached new SMPolicyReader dist : ALPHA-427 - (6-May-2017)
Added XCart screen to view (and then add) external obj references.
Added Env mode for storing/viewing policy under Git revision control.
Attached new SMPolicyReader dist : ALPHA-390 - (4-Apr-2017)
Fixed bug in setting links (it was seeing them as strings) in ldif import.
There is bunch of stuff for using policy store in revision control - but not in use yet.
Attached new SMPolicyReader dist : ALPHA-361 - (14-Dec-2016)
Added ability to build and edit xcart selection for use in xpsexport.
Attached new SMPolicyReader dist : ALPHA-355 - (12-Oct-2016)
*note* this one fixes a bug in the compare with ldif read - but I am a bit worried the scope of the change was big, so
354 may be better one to use - if you find a problem.
Attached new SMPolicyReader dist : ALPHA-354 - (11-Oct-2016)
(lots of other updates as well ) ... version 354- 360 from Oct-2016 - July-2017.
Last few versions have had the code for git commit and review revisions of policy store, as per the links at the top of the screen.
Last few versions have had the ability to do a load and export of xcart object lists. It can follow references as well, to easily add them - still one flaw here, since would be nice to recognise system object,s and when it needs to import whole object not just subcomponent /oid that it references into.
Fix display of attributes when loading policy store from: raw .ldif; direct read from ODBC; direct read from LDAP; and read from the .dumpLDAP and .dumpODBC files. Various improvements to mapping of the raw parameters to xps export type names.
Add extra tabs for: Config and Federation - so now from xpsexport it will show the parameter values and split all the Fed objects into its own tab.
Spent some time mapping fed objects to child objects for better display.
Update Alpha-466 (29-April-2019)
When reading from .ldif files (with tombstoned recorded) it report when it finds a tombstoned parent with active children (issue from support case that arose and was difficult to detect).
tlefam wrote:nice video.
tlefam wrote:do you know if the tool has the ability to find orphan object(s) such as this
Object #1396 has parent #1406, which does not exist
ttamu wrote:Wow! it's very useful for me!
There is no problem except that the multi byte character set (Japanese characters) of Desc field is garbled.
but it's not a big problem.
Quick question : I see the 'edit property value' option for the elements in the property window. But it does not seem to be usable.
petercyril wrote: Is this perhaps a future provision?
Great tool. I have been an SM admin for many years, and have used an older tool that was open source back in the day called Safe 2.0. This policy reader is much more usable and better designed. Thanks for publishing it.
My question or problem is that I have allways struggled to define and produce anything that states an all encomposing list of related objects for a domain. I'm in the middle of migration from V6.3 to SM12.5. It would be extremely usefull to have a way to pick a domain in this tool and generate a list of all the related objects, including sytem objects. IE agents, directories.
What I think would be cool is to have a report that says if you want to move this domain... here are all the things it would require you move with it.
Am I missing something about this tool? Is it possible for it to do what I'm asking it to do.
Any help would be appreciated...
Thanks - David