Generate PAM and AD password

book

Article ID: 127976

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction

Is there any way to generate a password under CA PAM and then replicate it to the Active Directory (with a Domain Administrator account)?

I am implementing PAM with Active Directory.

Environment

PAM 3.x and AD

Resolution


Once you have synchronized an Active Directory account with PAM, you can ask PAM to generate a password and update the Active Directory account.

The Active Directory connector, Windows Proxy connector, and Windows Remote connector all manage Windows accounts. Use the Active Directory connector to update the passwords of Active Directory accounts. This connector uses the LDAPS interface to Active Directory to update account passwords. If the connector communicates with a deployed Windows Proxy or a Windows Remote connector, you can use this connector to update Windows services and scheduled tasks.

The Active Directory target connector performs the following activities:
•Verifies and synchronizes the password against an Active Directory database.
•Queries one or more DNS servers to find domain controllers (optional).
•Uses LDAPS to connect to the domain controller.
•If you use a domain account for a service or for a scheduled task, one or more Windows Proxies update the credentials and restart services.

Additional Information

See also: Add an Active Directory Target Connector.