CA PAM - Microsoft Office 365 integration
Article ID: 104074
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
PAM SAFENET LUNA HSM
CA Privileged Access Manager (PAM)
CA Privileged Access Manager (PAM)
Issue/Introduction
What is the use case for the CA PAM - Microsoft Office 365 integration?
For example, how can the user then access Office 365, can the integration change the password after every login(and how to do that in CA PAM), what does CA PAM then monitor.?
Environment
Release:
Component: CAPAMX
Component: CAPAMX
Resolution
The main benefit is ADFS federation to Office 365 for privileged users who administer O365.
(it is not intended for end users to use Word, Excel, etc.)
The Xceedium Browser web session will provide SSO to O365 as well as web-based session recording of the activities of the O365 admin who is provisioning licenses and accounts for Exchange, SharePoint, and any other services on the O365 site.
Once your specific Office 365 login mechanism is configured to allow Federation, you can setup in PAM a TCP Service Web Portal using PAM Browser using SAML SSO Auto Login Method.
Here you can use the ADFS Security Token Service (STS) Endpoint Reference URI, typically:
urn:federation:MicrosoftOnline
(it is not intended for end users to use Word, Excel, etc.)
The Xceedium Browser web session will provide SSO to O365 as well as web-based session recording of the activities of the O365 admin who is provisioning licenses and accounts for Exchange, SharePoint, and any other services on the O365 site.
Once your specific Office 365 login mechanism is configured to allow Federation, you can setup in PAM a TCP Service Web Portal using PAM Browser using SAML SSO Auto Login Method.
Here you can use the ADFS Security Token Service (STS) Endpoint Reference URI, typically:
urn:federation:MicrosoftOnline
Additional Information
https://communities.ca.com/people/SungHoon_Kim/blog/2018/03/01/pam-and-o365-integration
Feedback
Powered by
