PAM Admin cannot get the RSA integration working with PAM.

Release : 3.4.x, 4.0.x, 4.1.x

Component : PRIVILEGED ACCESS MANAGEMENT

When integrating PAM into RSA you need to validate:

• PAM Server needs to be added as an Authentication Agent
  • RSA UI -> Access -> Authentication Agents -> Add New
    Servername needs to match exactly as it is in the PAM UI -> Configuration -> Network -> Network Setting -> Hostname
• After defining the Authentication Agent -> RSA Admin will “Generate a Configuration File”
  • RSA UI -> Access -> Authentication Agents -> Generate a Configuration File (generates a sdconf.rec file)
  • PAM admin will need to manually create a sdopts.rec file
• Download the server certificate file from RSA
  RSA UI -> Access -> Authentication Agents -> Download Server Certificate File
• Upload the Certificate into PAM:
  • PAM UI -> Configuration -> Security -> Certificates -> Upload -> CA Bundles -> Upload certificate here

Finally in RSA - use the Real-time Activity Monitor to see if any requests are going to the RSA server:

• RSA UI -> Reporting -> Real-time Activity Monitors -> Authentication Activity Monitor -> Start Monitor (with Successful, Warning and Failure Events selected)