search cancel

PAM : Requirements for account for password change

book

Article ID: 188539

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

We are using specific OS account which is dedicated to change password of someone else.
Is there any PAM impact if we revoke remote access rights from the account ?

Windows - supposed to use "Deny log on through Remote Desktop Services" policy.
Linux   - supposed to use "DenyUsers" in /etc/ssh/sshd_config.

Environment

Release : 3.3
Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Windows -
There is no PAM impact even if the account is added to "Deny log on through Remote Desktop Services" policy.

Linux   -
PAM does not work at all.