For the PAMSC login integration, is it required for PAM to be configured to an Enterprise Management server?

book

Article ID: 106944

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction



 

For the PAMSC login integration, is it required for PAM to be configured to an Enterprise Management server? Can it be configured to a Distribution Server?

Environment

Release: PAMCOA99500-3.0-PAM-Management Console-OVA Appliance
Component:

Resolution

Though the PAM GUI says "ENTM Host Name or IP" on the login integration configuration page, PAM will connect directly to ActiveMQ on the specified server. This means that PAM can be configured to point to any IP or host name within the PAMSC architecture that has ActiveMQ running on it, including either Enterprise Management or the Distribution Servers. However, if the target endpoint is not subscribed to the Distribution Server that PAM is connecting to, ActiveMQ must be running on Enterprise Management in order for the integration to work.

Additional Information

For more information regarding the PAMSC login integration with PAM, please refer to the Implementation Guide.
https://docops.ca.com/ca-privileged-access-manager/3-2/EN/integrating/ca-privileged-access-manager-server-control-login-integration