Can I force the user validation against the local windows security instead of the Active Directory one?
Article ID: 130042
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
Sometimes, when logging in to a Unix endpoint using the Unix Authorization Broker (UnAB), we may need to validate the user against the local windows security instead of using the Active Directory one.
Can I force the user validation against the local security instead of the Active Directory one?
Can I force the user validation against the local security instead of the Active Directory one?
Environment
PAM Server Control 14.0 and 14.1 SP1 UnAB (Unix Authorization Broker)
Resolution
Use the command opt/CA/uxauth/bin/uxconsole -map <username> -local -force -v
-force
Specifies to force user mapping and overwrite existing mapping or migration status or delete user mapping
-force
Specifies to force user mapping and overwrite existing mapping or migration status or delete user mapping
-local
Specifies to set the user account as a local exception. If you specify a user as local exception, UNIX Authentication Broker does not manage the user account, although an identical user account may exist in the Active Directory.
Additional Information
See also: uxconsole -map Manage Users Mapping
Feedback
Yes
No
Powered by
