search cancel

Which attribute of the AD user entry is imported into PAM user field

book

Article ID: 190167

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

Active Directory is configured in PAM.
AD users are imported to allow login to PAM GUI.
What user attributes does PAM import when importing AD users?

Environment

Release : 3.x

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Following is a sample /var/log/ldap_importer/LDAPImport0.log.x

<record>
  <date>2020-05-06T00:07:13</date>
  <millis>1588723633729</millis>
  <sequence>20</sequence>
  <logger>com.xceedium.gatekeeper.ldapSink.ServiceLDAPDataSink</logger>
  <level>FINE</level>
  <class>com.xceedium.gatekeeper.ldapSink.ServiceLDAPDataSink</class>
  <method>importLDAPGroupMember</method>
  <thread>13</thread>
  <message>The member doesn't exists, add new member with: User CN=PAM Admin3,OU=PAMUsers,DC=training,DC=localFrom Group CN=PAMAdminsGroup,OU=PAMUsers,DC=training,DC=local
UserPrincipalName = [email protected]
samAccountName = pamadmin3
Short Name = pamadmin3
First Name = PAM
Last Name= Admin3
Email= [email protected]
Phone= 02123123
Expiration= 0
Description= AD Descr
</message>
</record>