CA PAM 3.x: password auto change on manual login
search cancel

CA PAM 3.x: password auto change on manual login

book

Article ID: 100864

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

It is possible to change the password at login/logout to the target machines using Password View Policies for the auto-login.
Can I do the same thing for the manual login?

Environment

CA Privileged Access Manager 3.x

Resolution

If the user is not using auto-login, PAM won’t know what account has to change the password.
The policy is set by target account. You can define the Password View Policy(PVP) to change the target account after being used.
If the user enter the credentials manually, then this is just a simple “string”.

What you can do is to define a PVP to change the password after the check-in/check out.

And in the PAM policies, define to view the target account password.

Using this option will deny other users to use the account until the current user check it out.

Example of Password View Policy

PVP_example

At Access screen, get the password and login with it.

Access screen

Powered by Wolken Software