SM Authorization Test

This test reports statistics pertaining to the user authorizations to the policy server.

Target of the test : A SiteMinder Policy server

Agent deploying the test : An internal agent

Outputs of the test : One set of results for every SiteMinder Policy server being monitored.

Configurable parameters for the test
Parameter Description

Test period

How often should the test be executed

Host

The host for which the test is to be configured.

Port

The port number of the administration service (see Figure 2) in the policy server

LogOption

Currently, this test collects measures by parsing the log files. Therefore, specify "logFile" as the LogOption. Future versions of eG may include support for database logging.

Path

The full path to the log file. For example, "D:\Progra~1\Netegrity\SiteMinder\Log\smaccess.log".

AgentNames

A comma-separated list of agent names.

Detailed Diagnosis

To make diagnosis more efficient and accurate, the eG Enterprise suite embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.

The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability
  • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.
Measurements made by the test
Measurement Description Measurement Unit Interpretation

Authorization accepts

The total number of users authorized to access the resource during the last measurement period.

Number

 

Authorization rejects

The total number of users not authorized to access the resource during the last measurement period.

Number

The detailed diagnosis of this measure, if enabled, provides the details of the authorization attempts that were rejected by the SM Policy server.

Authorization rejects pct

The percentage of authorization rejects during the last measurement period.

Percent

 

In order to ensure that the SM Admin Test, SM Authentication Test, and SM Authorization Test function effectively, audit logging has to be enabled for the SiteMinder policy server. To achieve this, do the following:

  1. Open the "SiteMinder Policy Server Management Console" using the menu sequence depicted by Figure 1.
  2. Click on the Settings tab to open it.

    2

    Figure 1 : Enabling audit logging

  3. In the Audit Logging section present at the bottom of this tab (see Figure 1), click on the Audit User Activity and Audit Administrative Activity check boxes.
  4. Then, select the Text File option, and specify the full path to the log file that is to be used for audit logging. Ensure that the same path is specified against the Path parameter of the SM Admin Test, SM Authentication Test, and SM Authorization Test, respectively.
  5. Finally, click the Apply button and then the OK button to register the changes.