- Over seven years of Web Security Administration on CA Identity Minder, CA SiteMinder, CA Governance Minder, Active LDAP Directory Server, WebLogic, WebSphere Application Server, Portal Server.
- Experience in implementation of Security Management tools in enterprise-wide applications to achieve Authentication, Authorization and Accountability.
- Have effectively handled IDM administrative tasks including password policies, bulk account actions, creating, defining and editing IDM objects and IDM approval. Created and updated the provisioning policies as per the change in the business environment using Policy Xpress and prepared test cases for migration of Sun IDM.
- Experience in analyzing the logs (trace logs, logs) and troubleshooting issues in integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and web server agents and SiteMinder federation services.
- Experience in implementing an Identity management system using CA Suite (CA IDM) to provision users (create, modify, update, delete) along with self-service portals like password reset, request for access, manage Job Code, out of office assistance across endpoints like AD, RACF, Linux etc.
- Experience with using IdP-initiated and SP-initiated SAML profiles with different binding methods like POST, Artifact and Redirect to deliver a custom SSO environment as per the requirement.
- Good knowledge of implementing RSA token Authentication.
- Good experience in implementing the SAML based Single Sign-on (SSO) and Single Log-Out (SLO) involving service with third party applications.
- Hands-on experience with IIS, Apache Web servers and WebLogic and WebSphere Application servers in Identity and access management environment.
- Good experience in using all the IDM components like Connector Xpress to build custom connectors and Provisioning Manager to create roles, account templates and endpoints, test endpoint provisioning and troubleshoot endpoint-related issues. Installed and configured bulk load client on various platforms to automate tasks in IDM.
- Solid understanding of Identity Access Management architecture and exposure to entire features of CA SiteMinder (Policy Servers & Web Agents), PingFederate 7.1.2 and later versions
- Implemented SAML federation for CA SiteMinder using PingFederate in non-production environment and prepared documentation for implementing the same in Production environment.
- Experienced in setting up SP and IdP connections to PingFederate.
- Documented the procedures, policies, lessons learnt and best practices to increase efficiency and for future reference.
- Implemented, configured and upgraded CA Governance Minder from 12.5 to 12.6.
- Experienced in BPR (Business Policy Rules) Management and Compliance Management in Governance Minder.
- Experienced in configuration of Governance Minder Email Notifications.
- Experienced in using out-of-the-box connectors that import data from and export data to endpoint systems in Governance Minder.
- Experienced in installing the CA IAM Connector Server in a cluster environment, on one of the nodes or on a dedicated node.
- Experienced in coordinating the completion of role.
- Experienced in executing certification campaigns.
- Experienced in creating database connection to the reporting server.
- Experienced in access certifications and monitor overall completion of access certifications.
- Experienced in role-based user entitlements with the end applications.
- Experienced in developing a POC to integrate CA Governance Minder with CA Identity Minder.
- Experienced in repairing CA Governance Minder configuration, user, and resource files.
- Excellent working knowledge of configuration, implementation and administration of web agents, affiliate agents and application agents.
Security: Netegrity/CA SiteMinder 5.x/6.x/12.0/12.52, Ping Federate, Risk Minder, Identity Minder or Identity Manager, Governance Minder 12.5.7/12.6.02
Application/Web Servers: WebLogic Application Server 6.0/7.0/8.1/9.2/10.3, WebLogic Portal 8.1/9.2/10.3, JBOSS 5.x, WebSphere MQ 5.3/6.x, IBM WebSphere 5.x/6.x, SAML 2.0, Apache Tomcat, IBM HTTP Server, Netscape Enterprise Server 3.5, iPlanet 6.x, Microsoft IIS
Identity Management Tools: CA Identity Manager r12/r8.1, Sun Identity Manager 8.0/7.1/6.0
Directory Servers: Sun ONE Directory Server (5.1, 5.2, 6.3), Microsoft Active Directory, Novell eDirectory 8.7x
Performance Monitoring Tools: SiteMinder 5.x/6.x OneView Monitor, Tivoli Access Manager, TPVLog Analyzer, Thread Analyzer.
IDE’s/Tools/Utilities: JBuilder 4/8, Microsoft Visual Studio IDE 3.1, Eclipse, NetBeans, IBM VA for Java, SQL*Plus, MQ Series 5.x, Microsoft Project 2000
Operating Systems: UNIX (Solaris 9/10, AIX), Red Hat Linux, Win 95/98/NT/ 2000, 2003, 2008.
Databases: Oracle 11g/10g/9i, SQL Server 2008/2005/2000/7.0, MS My SQL 5.0, Access 7.0
Languages & Technologies: Java (JDK), J2EE - Java Beans, JSP, Applets, ASP, JNDI, RMI, Java Mail API, SQL, PL/SQL, Perl, JDBC/ODBC
Design Methodologies: Unified Modeling Language (UML) 1.0, Rational Rose, Rational Clear Case, Rational Requisite, MS Visio, ERWIN
CA Identity Manager Engineer
- Upgrading web agents from 12.0-sp03-cr009 to 12.52 cr01 in both Corporate and Commercial in all the environments (Dev, Test, Stage and Prod) in both Unix and Windows OS.
- Designed the architecture based on technical requirements and implemented the solution with CA Identity Manager r12.5 SP8 CR2, SiteMinder 12.52 with my primary focus on Identity Manager
- Installed, configured and administered CA IDM, CA SiteMinder Policy Server, Web agents, CA Directory and Oracle Directory Server (LDAP) on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS and various platforms
- Integrated IDM with CA SSO, providing Authentication and Authorization to IDM
- Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other LDAP servers
- Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas
- Responsible for handling complex JobCode logic which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode
- Built various custom tasks in IDM API for administrators to facilitate ease of access and troubleshooting tickets
- Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe.
- Responsible for exploring and correlating users from various endpoints
- Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for LDAP endpoint and used role definition generators to deploy to IDM
- Worked on various OOB and custom workflows that involved complex logic to handle assignment of approvers
- Worked on setting up remote task to IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
- Improvised Logical Attribute Handlers, BLTH modules using CA Identity Manager APIs.
- Worked on executing certification campaigns and configuring Business Process Rules in CA Governance Minder (RCM).
- Worked on workflow approvals for the certification campaigns in Governance Minder
- Worked on installing the CA GovernanceMinder Client Tools and Workpoint Designer application on a separate Windows computer running a supported operating system
- Worked on role-based user entitlements with the end applications in Governance Minder
- Worked on importing predefined workflow definitions into Workpoint to enable certifications and other business processes
- Worked on certifications, using basic auditing tools to run certification and attestation processes for designated reviewers in Governance Minder
- Worked on editing and data enrichment of user (.udb), resource (.rdb), or configuration (.cfg) files.
- Migrated passwords from legacy application to IDM capturing the last password change date
- Good experience in setting up Bulk Load Clients and automating different IDM tasks
- Good experience in analyzing SiteMinder logs, IDM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
- Used Windows Task Scheduler to execute Kettle/Pentaho scripts for automated generation of Reports, Extracts and Feeds from various data sources like CATS (HR Database), Corporate Store, Oracle database etc.
- Created and maintained attribute mapping document from IDM to all the managed endpoints
Environment: CA IDM r12/12.5 SP8 CR1, CA SSO r12.x, CA Governance Minder 12.6.1, CA Directory r12.x, WebSphere Application Server, JXplorer, Softerra, MobaXterm Professional, Oracle SQL Developer, SNMP, UNIX, LINUX, Solaris, IBM AIX, Windows.
CA IDM Consultant
- Experience in installing, configuring and maintaining CA IDM r12.6 SP4, Web agents, Transaction Minder, Active Directory server, Oracle Directory Server (LDAP) and various Web servers (plug-in files), Application servers on environments like WebSphere 8.5, JBOSS 6.4 EAP and various platforms.
- Worked on implementing and supporting SAML-based Federation technologies like OAuth 2.0, Active Directory Federated and Governance Minder 12.6.1
- Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe along with exploring and correlating users from various endpoints.
- Configured Affiliate agents, RADIUS agents to provide federation of web services in the SSO environment providing authentication & authorization to IDM.
- Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
- Developed multiple Policy Xpress policies to trigger on various tasks and to meet standard company requirements like generation of unique IDs, passwords, emails, record entries etc.
- Configured System objects like Agents, Agent Config Objects, Host Config Objects, User Directories, Domains, Administrators and Schemas.
- Valuable experience in analyzing IAM logs, IAM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
- Worked on setting up remote task to CA IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
- Implemented OAuth for social-based apps and implemented JIT for cloud-provisioned applications.
- Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for LDAP endpoint and used role definition generators to deploy to IDM.
- Improvised Logical Attribute Handlers, BLTH modules using CA Identity Manager APIs
- Migrated passwords from legacy application to CA IDM capturing the last password change date.
- Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
Environment: CA IDM r12.5/r12.6 SPx, CA SSO r12.x, CA Governance Minder 12.6.1, CA Directory r12.x, WebSphere Application Server, JXplorer, Oracle SQL Developer, SNMP, UNIX, LINUX, Solaris, IBM AIX, Windows Active Directory, Windows.
CA IDM/ SiteMinder Engineer
- Configured the SiteMinder administration console for application onboarding and implemented single sign-on. Drafted technical design document for Web application security.
- Installed the web agents on client application machines. Assisted in installing the web servers on Windows platforms.
- Configuring agents on multiple Apache web servers and app location servers. Configuring Directory tree structure with suffixes and organization units.
- Migrated corporate LDAP to global LDAP to keep it in sync with SSO user profiles. Creating groups and roles in the Directory server and managing them by adding/deleting the users.
- Apply the password policies to Users/Groups/Roles. Configured authentication schemes with custom templates.
- Deployed SiteMinder, Identity Manager and LDAP to the various environments. Created global policy with rules and responses for concurrent login
- Added required attributes in the object class according to the client's requirement. Configured the System and domains objects as per the client requirements.
- Troubleshooting application issues and single sign-on issues. Configured IDM web services for admin role constraints and executed them through SoapUI.
- Created the custom schema by adding the attributes and object classes. Managing the user entries in organization in the LDAP.
- Created Environments and Directories in the CA IDM management console. Configured Identity Minder Policy Xpress and bulk loader.
- Configured Admin tasks, Admin roles and TEWS Web Services as per the requirement. Scheduling the explore-correlate in CA IDM.
- Modified the password policies as per the security requirements. Configured LDAP instances on Active directory container.
- Configured multi-master replication. Configuring the ACIs for the application service accounts to provide read/modify permissions on the specific node in Active Directory server.
Environment: CA SiteMinder Policy Server v6.0, Web Agent 5QMR7, 6. CA Identity Minder, Active Directory Server (LDAP), Sun ONE Web Server 6, Apache Web Server 2, BEA WebLogic 8.1 SP2, WebSphere 6, Oracle RDBMS, Korn shell scripting, Perl, XML, UNIX, Windows Active Directory.
SiteMinder/ IDM Consultant
- Coordinated and communicated with application teams while working on migrating applications from LDAP 5.1 environment to LDAP 6.3 in both Production and Non-Production environments.
- Clustered CA SiteMinder Policy Servers for failover and high availability and generated consequent reports.
- Coordinated with Server operations team to ensure smooth reinstallation of routers and subsequent troubleshooting of CA/Netegrity SiteMinder errors such as handshake errors caused by changes in MAC address of the web server in both Production and Non-Production environments.
- Installed and configured web agents on web servers like IIS 5.0/6.0/7.0, Apache 2.x, and SunOne Webserver 6.1/7.0.
- Performed User Acceptance Testing (UAT) analysis for non-production applications to ensure that the applications met user expectations before the production release.
- Installed CA SiteMinder Trust Authentication Interceptor (TAI) for IBM WebSphere 6.0.
- Exported and imported data and schema between master and consumer LDAP databases using Admin Console and command line utilities.
- Experience in setting up keystore and policy store data and setting up super user password and integrated with LDAP.
- Deployed test applications for APC monitoring for Ping Federation Services.
- Worked closely with application team for testing and sign-off of migration activities in production and non-production environments.
Environment: CA SiteMinder 6.0/12.0, CA IdM 12.5, Sun Identity Manager 7.x/8.x, Sun Java System Directory Server LDAP 5.x/6.x/7.0, WebSphere Application Server 5.x/6.x/7.x, IBM Tivoli Directory Server, SSL, SNMP, UNIX, LINUX, Solaris, IBM AIX, Windows.