C.1 Enhancements in Access Manager 3.1 SP3

C.1.1 Identity Server Enhancements

Following are Identity Server enhancements for Access Manager 3.1 SP3 release:

C.1.2 Access Gateway Enhancements

C.1.3 Administration Console Enhancements

  • Policy View Administrator: A policy view administrator has rights only to view policy containers. The super administrators can create a special type of delegated administrators called policy view administrators who can only view the policies in the policy container assigned to them. They policy view administrators can login to Access Manager with their credentials and they are allowed to view only the policy containers assigned to them. For more information, see Administration Console in the Novell Access Manager 3.1 SP5 Administration Console Guide.

C.1.4 NAT Support

The Network Address Translation (NAT) protocol maps all the public IP addresses to communicate with a single private IP address. The network administrators create a NAT table to map the public-to-private and private-to-public IP address. The IP address can be static or dynamic.

Access Manager can be configured by using NAT, which enables the communication between the Administration Console from local network to other Access Manager devices such as Identity Server and Access Gateway. The devices can be in the external network or in another private network. The NAT address needs be to configured in router.

C.1.5 LDAP Rebind

Once a new LDAP SSL connection is made, it is kept open for reuse. For every new user requests, the same LDAP SSL connection can be used to rebind to a different user. The connection establishment overhead for every LDAP request is removed which boosts the performance in slow links. The maximum number of connections in the pool and the interval for which a connection can be kept open (LDAP timeout) can be configured.