CA PAM - Microsoft Office 365 integration

book

Article ID: 104074

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM) CA Privileged Access Manager (PAM)

Issue/Introduction



What is the use case for the CA PAM - Microsoft Office 365 integration?

For example, how can the user then access Office 365, can the integration change the password after every login(and how to do that in CA PAM), what does CA PAM then monitor.?

Environment

Release:
Component: CAPAMX

Resolution

The main benefit is ADFS federation to Office 365 for privileged users who administer O365.
(it is not intended for end users to use Word, Excel, etc.)

The Xceedium Browser web session will provide SSO to O365 as well as web-based session recording of the activities of the O365 admin who is provisioning licenses and accounts for Exchange, SharePoint, and any other services on the O365 site.



Once your specific Office 365 login mechanism is configured to allow Federation, you can setup in PAM a TCP Service Web Portal using PAM Browser using SAML SSO Auto Login Method.

Here you can use the ADFS Security Token Service (STS) Endpoint Reference URI, typically:
urn:federation:MicrosoftOnline

 

Additional Information

https://communities.ca.com/people/SungHoon_Kim/blog/2018/03/01/pam-and-o365-integration