Technical Solutions
Change Guardian 5.1.1 and Security Agent for Unix 7.6.1 are generally available!
These releases replace Oracle JDK with Azul Zulu OpenJDK, an open source alternative. This release also includes new platform support and important software fixes. Please see the release notes for more information.
Improve eDirectory Disk IO Subsystem with LVM Stripe and XFS
As the eDirectory documentation mentions; the most common bottleneck is the disk subsystem, which is especially accentuated in large deployments and/or environments with high consumption of eDirectory services. It also lists some recommendations to take into account to improve the performance of this critical point, however, everything has a limit. In a recent case, an…
MaxMind Precision GeoLocation for Access Manager 4.4.4+
This setup is based on @cstumula‘s Maxmind Geolocation Provider for Risk Based Authentication with NAM 4.1 Cool Solution. You can safely have both JAR files in the IDP’s lib directory. This solution uses MaxMind’s Precision City API, saving on keeping local databases, but does currently require a direct internet connection. If you need a proxy…
IDM Designer – Removing disabled rules with PowerShell
We inherited an environment with a lot of policy rules marked as disabled in the Policy Builder within IDM Designer. Within these rules there are also nested disabled conditions and actions, which in order to be seen need to be expanded in the GUI. We wanted to find a way to remove these rules…
IDM Designer – How to multiple link a policy with different weights
When NetIQ released IDM 4 with IDM Designer v4.0, they introduced the concept of a driver “package”. This was followed by the idea of layering packages, so that new features could be added, old features removed, and generally we would no longer have single huge monolithic drivers to deal with. By now, this is not…
NetIQ Access Manager Real Time Analytics Using AWS Kinesis Service
This article covers use-cases, Architecture, a sample scenario, and how to analyze and visualize the Access Manager Audit Events in Kibana Analytics Dashboard with the help of various AWS Managed services.
Change log-severity of Access Gateway on the fly
This solution will allow a user to change the severity level of logs on the fly, without restarting Access Gateway. This will help developers to debug an intermittent issue by enabling the debug level of logs only when needed without restarting Access Gateway process/services and avoid adverse impact of setting debug log level all the time.
OAuth Scopes\Claims Restriction
Access manager allows you to use OAuth2.0 protocol for authentication and authorization. When using OAuth2.0, each application can get an access token by choosing one of the supported methods (Authorization Code, Implicit, Resource Owner Credentials, Client Credentials, SAML 2.0 Assertion). When configuring a Resource Server, you can…
Configuring Advanced Authentication for Non Domain Workstations
This document provides information on how to configure Advanced Authentication for workstations that are not domain joined (e.g. meeting room laptops etc). The solution allows (domain) users to login using 2-Factor authentication instead of login with the local account. To configure you’ll have to perform the following configuration tasks: Configure the Advanced Authentication Methods and…
eDirectory PKI Server Cookbook
In this document, I plan to capture various use cases around eDirectory Certificate Server, eDirectory server certificates, and troubleshooting tips. This is intended to be a live document which will get updated with more information over time.
