Publishing Web Portals that are not compatible with CA PAM Browser
Article ID: 105668
CA Privileged Access Manager - Cloakware Password Authority (PA)PAM SAFENET LUNA HSMCA Privileged Access Manager (PAM)
Release: Component: CAPAMX
We have seen similar issues like this one and, for those customers, the solution was to use Microsoft Internet Explorer (or other Browser) published as a RDP Application, and configure Transparent Login for it. Please find below a set of instructions on how to do it:
1. Publish Internet Explorer (or your preferred Browser) in the RDP Collection, so it can be used by PAM; 2. Create the RDP Application to run the browser; 3. Execute the Learn Mode to generate a script to inject the credentials using Keystrokes. The resulting script would be similar to this:
4. Link the Transparent Login Script and an Account to the RDP Application. It requires the window title - if the page is omitting its title, then the window title would be one of the following:
- Just the browser name; - An empty space followed by a dash and the browser name (for example " - Microsoft Internet Explorer" - without the quotes); - The web page file name followed by a dash and the browser name (for example "form.html - Microsoft Internet Explorer" - without the quotes).
Please note that the script is configured to do keystrokes based on axis positioning (X and Y axis), so you must ensure that the browser window always start maximized to avoid misplacement of the cursor. Also, this script prevents user input while the Transparent Login is running, to avoid users intentionally misplacing the cursor to gain access to the password.