We configured 2 user groups. Group-1 is for connecting to target system via remote app (By TL and Auto Connect). Group-2 is for approving connections of the Group-1 to systems .
We make configurations,
1.Created a Target Group
2.Created credential group and associated the user account with the credential group
3.Created Target Application and Account
4.After applying the PVP of Dual Authentication it is showing an error of PAM-CM-1056
But when removing the user from Credential Group then it is accepting the PVP policy on Target Account (Configuring reverse sequence), at this time account is not being usable on TL, and getting error (PAM-TLGN-0054: Trans.Log.Agent Launch failed: application list is empty...)
This is not a supported feature for TL. In the current release of CA PAM version 3.4.x, Transparent login does is not certified for Dual Authentication. This is the current product design.
Release : 3.3
Component : PRIVILEGED ACCESS MANAGEMENT
Access for connecting to TL can be controlled via the Policies option only.