search cancel

PAM 3.x: Does not work login integration with CA PAM - CA PAM SC

book

Article ID: 113076

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)

Issue/Introduction

Customer configure Terminal Integration via PAM SC.
But it failed to connect with following error:
Error type: RdpException.
Error message: Unable to connect to backend device. Please contact Administrator..
Stack trace: com.ca.xsuite.app.rdp3.client.handler.tcpstreamhandler.read (Unknown Source)…
 

Environment

PAM 3.2.1
PAM SC r14.0 GA Enterprise Management Server - PAM SC r14.0 Endpoint.
 

Resolution

It need configure as basically as following page:
https://docops.ca.com/ca-privileged-access-manager-server-control/14-1/en/integrating/integrate-with-ca-privileged-access-manager

And also, you need following additional configuration:

User requires following additional setting on PAM and PAM SC side at Login Integration:
1. At PAM side, PAM's target Account and PAM SC's user name should be same format as hostname\username or domainname\username. 
2. At PAM SC side, pupm_flags should be set with USE_ORIGINAL_IDENTITY.

In PAM 3.1.2 or PAM 3.2.1 has the problem at Application Type is Windows Remote or Windows Proxy.
The problem is Login Integration does not work except Application Type is Generic. It will fixed next release version.