Forum Discussion
NimbostratusUsing TMSH for new SAML setup in APM (IdP)
Hi All,
I had a question around using TMSH, In my APM environment I have several IdP SAML solutions setup and working well, I have all the Vips and rules working etc.
My question is, can I use TMSH commands only to add in new saml implementations? e.g. new local IdP service, new SP connector, update existing AccessPolicy to add new flow etc..
Is this doable? is this a good idea? and does nayone have any examples of a full basic end to end setup?
Regards C
Everything in APM that can be configured on the GUI can be also configured with TMSH, with at least one exception: Customization content.
I'm not sure exactly how you have your SAML set up, but if it requires Policy Objects with customization data then you'll have to do some fiddling outside of TMSH to make it work. Note that customization data isn't necessarily custom, it could just be the default templates. Some types of objects require these and others don't.
2 Replies
Everything in APM that can be configured on the GUI can be also configured with TMSH, with at least one exception: Customization content.
I'm not sure exactly how you have your SAML set up, but if it requires Policy Objects with customization data then you'll have to do some fiddling outside of TMSH to make it work. Note that customization data isn't necessarily custom, it could just be the default templates. Some types of objects require these and others don't.
CX_280703Thanks Lucas, Generally I will be doing standard changes so nothing customizable. I just want to be able to make future changes via the tmsh.
Do you know where too find examples of these commands? Not just what commands are available but actual example commands?
