How will the cache update behave on A2A client when the password of the target account is changed?
Article ID: 108036
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
PAM SAFENET LUNA HSM
CA Privileged Access Manager (PAM)
Issue/Introduction
When the "Use Cache First" is set to the "Cache Behavior" in the target account for the A2A Client, how will it be worked?
<Please see attached file for image>
Environment
CA Privileged Access Manger r3.x (PAM r3.x)
Resolution
It will work as the below mechanism.
Also, after the #1, if the A2A client cannot connect to the PAM server because of something problem until #3, as the A2A client cannot get the latest password, the A2A script does not work then.
- Change the password of the account.
- The signal will be sent from the Credential manager to the A2A client about what the password was changed, and the cache will be cleared at the timing.
- Run the A2A script on the A2A client.
- The A2A client requests the password to the Credential manager on the PAM server because the cache does not have the password then.
- The Credential Manager will provide the password information to the A2A client.
- The script will be run and completed to run. The received password from the Credential Manager will be stored to the cache on the A2A client.
- After that, the password in the cache will be used later until the #1 will occur next time.
Also, after the #1, if the A2A client cannot connect to the PAM server because of something problem until #3, as the A2A client cannot get the latest password, the A2A script does not work then.
Attachments
Feedback
Yes
No
Powered by
