PAM: Super password corrupt - there was not change password event
search cancel

PAM: Super password corrupt - there was not change password event


Article ID: 111141


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)


I was once able to access CA PAM using the 'super' account, but recently PAM is stating that my password for the super account is incorrect.  More specifically, I receive this:

Error: PAM-CMN-0900: Bad User ID or Password.


Privileged Access Manager, all versions


For scenarios like this, we must reset the super's password in the backend database in which PAM is leveraging.  Please raise a Support case and request for SSH Debug patch.

You need to apply the PAM_SUPPORT_SSH_DEBUG.p.bin patch:

- Logon to PAM as super
- Configuration >  Upgrade > upload and apply PAM_SUPPORT_SSH_DEBUG.p.bin
- Configuration > Diagnostics > System - > Turn ON Remote CA PAM Debugging Services
- Launch PuTTY, create a new SSH connection to the PAM server and set SSH_DEBUG_<date>.ppk file (contained in SSH DEBUG patch zip file) into

        Connection > SSH > Auth > Private Key for authentication

Please test the SSH connection is successful - you should see the following prompt

  login as:

Once this is all in place, request Support engineer to logging into the PAM appliance and injecting a few SQL queries to reset super's password.