- Over 7.0 years of IT experience in CA SiteMinder, Ping Federation and Network administrator.
- Sound Knowledge in Installation, Security & Performance Design and Configuration of the siteminder policy server, web-agents and application agents in a SSO Environment.
- Expertise in installation/configuration of siteminder according to their suitable needs (platform).
- Extensive knowledge of creating policy domains, realms, policies and rules, configuring access to User directories, setting up response attributes and cookie variables, defining authentication schemes in a SSO Environment.
- Ability to create and execute an upgrade plan for various CA siteminder versions (4.0, 5.0, 5.5, 6.x and 12.0).
- Having a good knowledge in creating the policies using the XML file for the application used in the demorganized zones (SSL).
- Sound Knowledge in Ping Federation, SAML/Ws-Federation protocols & MLITP sites.
- Excellent in Troubleshooting and Debugging issues using log files from policy server logs, webagent logs and Directory server logs.
- Experience in Directory Servers Configuration/Administration (SunOne/I Planet Directory server 5.x, 6.x, 7.x, MS Active Directory). Good understanding of LDAP protocol, designing of schema, planning the directory data according to the enterprise needs.
- Sound knowledge in LDAP v3 commands/ search strings to manage and trouble shoot user issues. Experience in creation of LDIF files to change attributes or bulk-add/delete users from User store manually.
- Experience in LDAP server Replication Management to make sure the directory services in the enterprise are accessible in highly available mode.
- Experience in installing the ADAM instance and the Replication instances.
- Experienced in generating the CSR and installing the certificates to the webserver.
- Troubleshooting and Fine Tuning of web and Application servers to support the given User Base requirement of Application.
- Ability to manage multiple tasks, work independently and adapt new technologies sharply.
- A result-oriented strongly motivated team player with excellent communication, interaction, coordination and people skills.
- Operating Systems: MS-DOS, Sun Solaris and Windows NT/95/98/2000/XP, Red Hat LINUX
- CA Packages: site minder4.5/5.5/6.0/R12 (Web Agents and App Server)
- Directory Servers: SunONE/iPlanet Directory Server, Microsoft Active Directory Server.
- Middleware Solutions: Apache web server, IIS 5.0/6.0/7.0 Web Server, iPlanet Web Server.
Confidential Hopewell, NJ
Siteminder Administration\Siteminder Engineer
- Implementation of Role Based Access Control (RBAC), Configured siteminder for self-service administration (changing passwords, etc.), workflow (for application access approvals), and delegation of administration authority, auditing and role definitions.
- Configuring CA siteminder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, trouble shooting production problems.
- Create, manage and administer Agents, Authentication Schemes, user directories, Agent configuration objects, Host Configuration objects, logs and cache management.
- Migration of policy server from siteminder5.5 to site minder6.0 and Siteminder6.0 to R12, Load balancing, and failover configuration of the Policy store.
- Installing and configuring the webagent in a clustered instance.
- Created policies using policyminder tool and good knowledge of siteminder test tool.
- Involved in the applications protection over the DMZ zone using SAML or SOA according to the business needs.
- Install and configure siteminder federation security services on JBoss and Tomcat servers on various platforms.
- Configure applications with Ping Federate were siteminder acting as IDP and Ping Federate as SP using SAML 2.0 POST method.
- Configured applications with ADFS were siteminder acting as resource partner and ADFS acting as account partner using WS-Federation.
- Involved in cross domain migration policies as per the requirement.
- Involved in providing SSO solution between 2 different domains.
- Worked in the portal Project, where provided the Single Sign On between 2 domains.
- Created Custom Auth Scheme using Siteminder SDK, where AuthN and Authz are done on 2 different set of policy servers.
- Created policies for Mobile applications accessing using the web service calls.
- Using Ping Federation created connections for various Vendor sites as per the requirement.
- Troubleshooting issues related to SSO, authentication and authorization, as well as troubleshooting ADAM issues.
- Setting up Sun One LDAP configuring, Importing and Exporting LDAP data, setting up Replication of LDAP’s and ADAM.
- Involved in the team in developing documentation for the installation and management of the SiteMinder environment.
- Deployed Certs into SmKeydatabase which are used in federated applications.
- Creating Domains, Mapping Attributes in LDAP, Training domain Admin to have the User Administration delegated to the remote access for the application team.
- Generating CSR and applying Security Certs for Apache, IIS and iPlanet Web servers.
- Setup the Password Policies for the Users as per the client requirements.
- Worked in different level of escalations for the Production issues.
- Provided 24*7 support, as per company requirements.
Environment: CA SiteMinder 5.5 / 6.0/R12, Ping Federation, SOA, ADAM, Weblogic 6, iPlanet 6, Windows 2003\2008 servers, Red hat Linux.Confidential Warren NJ
LDAP and siteminder Administrator
- Involved with the Access Control Management team managing the Single Sign-On environment in a mixed environment comprising of Windows, Solaris and Linux environments using siteminder 5.5/6.0 with Sun One and Active Directory for policy and user stores.
- Developed strategy and successfully upgraded the siteminder environment Policy Server (and Web Agents) from version 5.5 SP3 to Version 6.0 on windows 2000 in the Development, Test
- Migrated siteminder Policy Store from MS SQL Server database to Sun One Directory Server 5.1
- Installed web agents on IIS 6.0 and Apache 220.127.116.11 Web Server running on Windows 2003 and configured Agents for Virtual Server instances in an SSL enabled load balanced environment
- Responsible for the design of rules, realms, policies, responses and domains for the SAP Dreamweaver Portal secured by an IIS 6.0 Web Agent
- Migrated the policy domain from development though Stage and Production environments.
- Provide 24/7 support and maintenance for the Siteminder.
- Installed the ADAM server instances as a replication instance and configured the same as the policy store.
- Environments including the Sun One Directory Server. Assigned and unassigned “roles” for new employees and external customers though the siteminder Interface.
- Generate reports and make changes for specific users as per business rules in Sun One Directory “User Store” using Soft era LDAP Administrator and LDIF Import
- Provide support to application developers to help integrate their applications with siteminder Single Sign on.
- Developed documentations for the upgrades, installation and management of the siteminder environment
- Managing the siteminder environment and helping the clients in installation, Configuration and troubleshooting the application’s security with Siteminder.
- Designed the migration plan and its activities for the siteminder upgradation from 5.x to 6.x.
- Setting up Sun One LDAP configuring, Importing and Exporting LDAP data, setting up Replication of LDAP’s.
Environment: CA SiteMinder 5.0/ 5.5, SunOne LDAP server 5.1, WebLogic 6, iPlanet 6, Apache 2.0, J2EE, Solaris 8, Win 2003 server, PowerPoint, Word.Confidential
- Provided solution development consulting for Computer Associates siteminder implementations for Agents, Claim Representatives, Mortgage Lenders and automotive body shops.
- Siteminder and Identity minder product installation, testing and implementation consulting.
- Provided siteminder 3rd level support and maintenance.
- Managed authorization privileges (user entitlements).
- Created rules, realms and policies to implement authorization permissions to web resources.
- Support distributed, delegated, and administration for siteminder administrative activities.
- Provided support integration with affiliate web sites (portals).
- Project member in consultant upgrading siteminder version 4.61 to version 5.5
- Maintained the siteminder deployment on a day-to-day basis.
- Monitored log files and system security on a day-to-day basis.
- Member of team that designed enterprise siteminder and LDAP architecture
- Installed the ADAM server and configured the same as the policy and user store.
- Enabled load balancing and failover mechanisms for various siteminder components in QA and Production Environments.
- Reviewed SunOne LDAP Directory structure and provided recommendations.
- Responsible for the design of rules, realms, policies, responses and domains for many applications to enable siteminder Single-sign on. Also responsible to solve User issue tickets.
- Troubleshoot the ADAM instances related to admin accounts used to configure to the policy server.
- Assisted in the team in developing documentation for the installation and management of the siteminder environment.
Environment: CA SiteMinder 5.0, SunOne LDAP server 5.1/5.2, WebLogic 6, iPlanet webserver, Apache 2.0, Solaris 8, Win 2000 server.Confidential
- Managed and coordinated network operation efforts, IT planning, security, and other technical areas.
- Maintained local area network for engineering group, which included workstations and several servers, both domain and member application, network printers, and associated hardware using Microsoft Windows XP, 2000 Server.
- Assigned user accounts and granted permissions to shared resources. Assured senior management of data protection by applying established government standards and demonstrating permission settings.
- Augmented onsite contractor desktop administrator and contractor supplied Help Desk to resolve user difficulties and requests for assistance
- Installed, configured, and updated applications, including Intranet Connections, Microsoft Office, Project 2002, Adobe Acrobat, Xerox Docushare, Microsoft Internet Information Server (IIS), and Veritas Backup Exec.
- Built, maintained, and repaired desktop computer systems, servers, and RAID storage subsystems to improve speed, reliability, and efficiency of operation.
- Defining the Realms, Rules, Responses, setting up response attributes as Cookie variables or HTTP variables, Defining User directories, Policies, configure them to the given set of user DNs.
- Created rules and policies to implement authorization permissions to web resources.
- Assigned as Computer Security Officer for government engineering group. Tasks included maintaining several security-contingency plans, communicating security incident information to management and users, and acting as liaison between users and IT Security Officers in upper management.
- Conducted security analysis of servers and desktops to verify adequate virus protection and compliance with federal government procedures.