Account Portal
Hjem  »  Produkter  »  Policy Compare Tool for CA SiteMinder
Produkter

One of the hardest challenges with complex SiteMinder implementations is that of keeping the SiteMinder policy definitions consistent across multiple environments. Ideally, your organization has established policy migration processes, so that changes are made in lower environments and then automatically pushed into production. However, the reality is that many environments rely on scripted or manual processes for creating policies in multiple environments, and over time the environments diverge due to manual errors, inconsistent naming conventions, changes made during troubleshooting, and so forth.

The Policy Compare Tool allows you to quickly pinpoint differences between SiteMinder environments. It provides a convenient GUI for comparing two policy stores, and presents all of the differences found in a tree structure that is easy to drill down into.

Furthermore, it even allows you to create "map" files to identify known differences or to compare otherwise dissimilar objects.

Figure 2: Comparison results- this password policy has a different value for PWMinAlpha in the two environments


Figure 1: specify the comparison parameters

The PCT provides the following advanced features:

  • Can compare entire policy stores, specific policy domains, or even specific policies
  • Automatically compares all dependent objects
  • Works with IdentityManager objects
  • Allows you to create token maps to eliminate known differences
    • For example, if you have an LDAP with root dc=mycompany,dc=dev in development, and dc=mycompany,dc=com in production, you can tell PCT to treat these as equivalent
    • This is similar in concept to the *.cfg file created by a policy export, but it can apply to any object property, even object names
  • Can compare objects by OID (for environments that use policy migration, and the OID's for objects are expected to remain consistent) or by name (for environments where policy creation is via script, API, or done manually, and the OID's are expected to be different)
  • Can automatically download policy stores from remote servers
  • Can be launched as a GUI or as a command-line tool
  • Can generate comparison reports as text, HTML, or XML

Figure 4: XML Report


Figure 3: HTML Report

The PCT is written in 100% Java and can be run on any machine with a JRE 1.4 or higher.

Contact Skyworth TTG for sales and technical questions.

Produkter
Tjenester
Løsninger
Om
Copyright © 2003-2012 Skyworth创维TTG Holdings Limited. All rights reserved.