CA PAM 3.x: password auto change on manual login
search cancel

CA PAM 3.x: password auto change on manual login


Article ID: 100864


Updated On:


CA Privileged Access Manager (PAM)


It is possible to change the password at login/logout to the target machines using Password View Policies for the auto-login.
Can I do the same thing for the manual login?


CA Privileged Access Manager 3.x


If the user is not using auto-login, PAM won’t know what account has to change the password.
The policy is set by target account. You can define the Password View Policy(PVP) to change the target account after being used.
If the user enter the credentials manually, then this is just a simple “string”.

What you can do is to define a PVP to change the password after the check-in/check out.

And in the PAM policies, define to view the target account password.

Using this option will deny other users to use the account until the current user check it out.

Example of Password View Policy


At Access screen, get the password and login with it.

Access screen