ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Can I force the user validation against the local windows security instead of the Active Directory one?
Article ID: 130042
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
PAM SAFENET LUNA HSM
CA Privileged Access Manager (PAM)
Issue/Introduction
Sometimes, when logging in to a Unix endpoint using the Unix Authorization Broker (UnAB), we may need to validate the user against the local windows security instead of using the Active Directory one.
Can I force the user validation against the local security instead of the Active Directory one?
Can I force the user validation against the local security instead of the Active Directory one?
Environment
PAM Server Control 14.0 SP1 UnAB (Unix Authorization Broker)
Resolution
Use the command opt/CA/uxauth/bin/uxconsole -map <username> -local -force -v
-force
Specifies to force user mapping and overwrite existing mapping or migration status or delete user mapping
-force
Specifies to force user mapping and overwrite existing mapping or migration status or delete user mapping
-local
Specifies to set the user account as a local exception. If you specify a user as local exception, UNIX Authentication Broker does not manage the user account, although an identical user account may exist in the Active Directory.
Additional Information
See also: uxconsole -map Manage Users Mapping
Feedback
Yes
No
Powered by
