PAM : Transparent login example : Automate password inject to "su" prompt
search cancel

PAM : Transparent login example : Automate password inject to "su" prompt

book

Article ID: 191109

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

This article describes an example of Transparent login.
Automate password inject to "su" prompt.

Environment

PAM any version.
Target device is Linux.

Resolution

1. [Configuration] - [Security] - [Access] and enable [Command String]. (This is disabled by default)



2. Edit target device - [Transparent Login] and select [Command String]
3. Input Authentication prompt and command.
In this example, "Password:" is actual prompt when you execute "su" on the target device.


 
4. Edit policy - [Transparent Login] and assign root account.


5. In the PAM access, "su" does not ask root password.

Additional Information

Here is document link.
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/device-setup.html#concept.dita_1e08b12562073cb52d2695d0922dc9c2d1428699_TransparentLogin
Powered by Wolken Software